Thousands of Microsoft 365 Accounts Compromised in Latest Attack

Something phishy is going on.
Joshua Koszalkowski
Contributing Writer

A “phishing empire” has been targeting businesses across Europe, the United States, and Australia. From October 2022 to July 2023, over 56,000 corporate Microsoft 365 accounts were targeted by phishing tools, leading to at least 8,000 of them being compromised.

W3LL, the group behind the attacks, has been active since at least 2017. It recently started selling a phishing kit on its newly launched English-language underground marketplace.

Why it matters: According to researchers from Group-IB, the kit is “one of the most efficient and sophisticated tools in its niche,” making it a major cause for concern. It gives attackers the ability to capture session cookies and enables them to bypass multi-factor authentication by placing itself between the victim and Microsoft.

  • Targeted buyers of the phishing kit are criminals of varying skill levels who want to take part in schemes to defraud companies through messages that look official, otherwise known as business email compromise (BEC) attacks.
  • Developers of the kit sell it via a three-month subscription model for $500 alongside an additional $150 monthly fee. The W3LL store’s revenue over the last 10 months currently sits at around $500,000, according to Group-IB’s estimates.
  • The group also sells custom phishing lures, VPN accounts, compromised email accounts, and other shady tools on its marketplace. If threat actors combined these tools, they could implement large-scale phishing campaigns and inflict significant damage on individuals and organizations.
  • Organizations, especially those in the manufacturing, IT, finance, consulting, healthcare, and legal services sectors, need to be on high alert. These attacks could open them up to data breaches, major financial losses, and ultimately harm to their reputation.
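
As an added illustration (not from the article or from Group-IB's research), here is one defensive heuristic that follows from the session-cookie theft described above: flag any session that is presented by a second client after it was established. The event schema, session IDs, addresses and severity labels are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events. The field names are a hypothetical schema,
# not a real Microsoft 365 log format.
EVENTS = [
    {"time": "2023-07-03T08:01:12", "user": "alice@example.com", "session": "s-1001",
     "ip": "198.51.100.10", "agent": "Edge/114 Windows"},
    {"time": "2023-07-03T08:40:55", "user": "alice@example.com", "session": "s-1001",
     "ip": "203.0.113.77", "agent": "python-requests/2.31"},
    {"time": "2023-07-03T08:15:30", "user": "alice@example.com", "session": "s-1001",
     "ip": "198.51.100.10", "agent": "Edge/114 Windows"},
    {"time": "2023-07-03T09:00:02", "user": "bob@example.com", "session": "s-2002",
     "ip": "192.0.2.5", "agent": "Chrome/115 macOS"},
    {"time": "2023-07-03T09:30:47", "user": "bob@example.com", "session": "s-2002",
     "ip": "192.0.2.99", "agent": "Chrome/115 macOS"},
    {"time": "2023-07-03T10:05:00", "user": "carol@example.com", "session": "s-3003",
     "ip": "198.51.100.20", "agent": "Firefox/115 Linux"},
]


def find_session_reuse(events):
    """Flag sessions whose cookie is presented by more than one client."""
    by_session = defaultdict(list)
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        by_session[ev["session"]].append(ev)

    findings = []
    for session, evs in by_session.items():
        first = evs[0]                      # client that established the session
        seen = {(first["ip"], first["agent"])}
        for ev in evs[1:]:
            client = (ev["ip"], ev["agent"])
            if client in seen:
                continue                    # same client as before, nothing new
            seen.add(client)
            # New IP and new user agent together is the stronger signal; a change
            # in only one (roaming, VPN, browser update) is queued for review.
            both = ev["ip"] != first["ip"] and ev["agent"] != first["agent"]
            findings.append({"user": ev["user"], "session": session,
                             "time": ev["time"], "ip": ev["ip"],
                             "severity": "high" if both else "review"})
    return findings


if __name__ == "__main__":
    for f in find_session_reuse(EVENTS):
        print(f)
```

When a phishing page sits between the victim and Microsoft, the initial sign-in can itself arrive from the proxy's address, so this check complements sign-in location and risk checks rather than replacing them.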

Go Deeper —> New phishing tool hijacked thousands of Microsoft business email accounts – The Record
