Resecurity | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web
Common Information
Type Value
UUID c90593c3-8424-4a44-bb63-0cef1223e30a
Fingerprint 91d12d19a9919120
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 5, 2022, midnight
Added to db Aug. 12, 2023, 9:04 a.m.
Last updated Dec. 24, 2024, 12:04 a.m.
Headline EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web
Title Resecurity | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web
Detected Hints/Tags/Attributes 53/2/21
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 364 Resecurity https://www.resecurity.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 77
gitlab.com
Details Domain 86
install.sh
Details Domain 1
wwwofc.msdnmail.net
Details Domain 3
brave.com
Details Domain 1
msdnmail.net
Details Domain 1
evilproxy.pro
Details Domain 1
top-cyber.club
Details Domain 1
rproxy.io
Details Domain 1
login-live.rproxy.io
Details Domain 1
gw1.usd0182738s80.click
Details Domain 1
gw2.usd0182738s80.click
Details Domain 1
cpanel.evilproxy.pro
Details Domain 1
cpanel.pua75npooc4ekrkkppdglaleftn5mi2hxsunz5uuup6uxqmen4deepyd.onion
Details Gitlab username 1
ksh8h297ayd0
Details IPv4 1
6.16.0.0
Details IPv4 1
147.78.47.250
Details IPv4 1
185.158.251.169
Details IPv4 1
194.76.226.166
Details Url 1
https://gitlab.com/ksh8h297ayd0/docker-control-agent.git
Details Url 1
https://lmo.msdnmail.net/common/oauth2/v2.0/authorize?client_id=4765445b
Details Url 1
https://473126b6-bf9a-4a96-8111-fb04f6631ad8-571c4b21.msdnmail.net/mail/?realm=[victim_domain]&exsvurl=1&ll