Microsoft Warns of Surge in Man-in-the-Middle Attacks Bypassing MFA

Microsoft Corporation warns of an increase in MITM attacks distributed as part of the Phishing-as-a-Service (PhaaS) model

Microsoft Corporation has issued a warning about the rise in “Man-in-the-Middle” (MITM) attacks distributed as part of the cybercrime model known as “Phishing-as-a-Service” (PhaaS). The tech giant has observed a significant increase in the number of platforms offering PhaaS capabilities and noted that existing phishing services, such as PerSwaysion, have started integrating MITM attack functionality.

The integration of MITM capabilities allows attackers to carry out large-scale phishing campaigns aimed at bypassing the security features of multifactor authentication, according to Microsoft’s cyber analysis teams.

Phishing tools equipped with MITM functionalities operate in two main ways. The first method involves the use of reverse proxy servers to intercept sensitive data, two-factor authentication codes, and session cookies. The second method utilizes synchronous relay servers, where users are presented with a copy or imitation of a legitimate login page, resembling traditional phishing attacks.

The ultimate objective of these attacks is to obtain users’ session cookies and gain unauthorized access to privileged systems without the need for authentication.

“Bypassing multifactor authentication (MFA) is the main goal driving attackers to develop methods for stealing session cookies using MITM principles,” highlighted Microsoft.

Researchers strongly recommend that organizations remain vigilant against this threat and take the necessary measures to protect themselves, including regularly updating software, using strong passwords, and implementing two-factor authentication. Additionally, the adoption of modern intrusion detection and prevention systems, capable of identifying and blocking malicious activity in real time, is considered an essential component of overall protection.
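As an added illustration of the detection side (not code from Microsoft or from the original article), the sketch below flags a session cookie that is used from a different client context than the one that completed MFA, which is the trace a stolen session cookie leaves when it is replayed. The event schema, field names, severity rules and 30-minute window are assumptions, and the log events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs):
# (time, user, session id, client IP, user agent, event type)
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:05", "alice", "sess-A1", "198.51.100.7", "Edge/120 Windows", "mfa_success"),
    ("2024-01-10T09:03:40", "alice", "sess-A1", "203.0.113.50", "Firefox/115 Linux", "token_use"),
    ("2024-01-10T09:10:00", "bob", "sess-B1", "192.0.2.10", "Chrome/120 macOS", "mfa_success"),
    ("2024-01-10T09:40:00", "bob", "sess-B1", "192.0.2.10", "Chrome/120 macOS", "token_use"),
    ("2024-01-10T10:00:00", "carol", "sess-C1", "192.0.2.44", "Safari/17 iOS", "mfa_success"),
    ("2024-01-10T18:30:00", "carol", "sess-C1", "198.51.100.99", "Safari/17 iOS", "token_use"),
]

def find_session_replay(events, window=timedelta(minutes=30)):
    """Flag sessions used from a context other than the one that passed MFA.

    'high': IP and user agent both change within `window` of the MFA event.
    'medium': a partial or late change (for example a roaming mobile client),
    or a session that is used with no MFA event on record.
    """
    origin = {}   # session id -> (time, ip, user agent) seen at MFA success
    alerts = []
    for ts, user, sid, ip, ua, kind in sorted(events):  # ISO timestamps sort in time order
        when = datetime.fromisoformat(ts)
        if kind == "mfa_success":
            origin.setdefault(sid, (when, ip, ua))
            continue
        if sid not in origin:
            alerts.append({"user": user, "session": sid,
                           "severity": "medium", "reason": "no_mfa_origin"})
            continue
        t0, ip0, ua0 = origin[sid]
        changed = [name for name, before, now in
                   (("ip", ip0, ip), ("user_agent", ua0, ua)) if before != now]
        if not changed:
            continue  # same client context as at MFA time
        fast = when - t0 <= window
        severity = "high" if fast and len(changed) == 2 else "medium"
        alerts.append({"user": user, "session": sid,
                       "severity": severity, "reason": "+".join(changed)})
    return alerts

if __name__ == "__main__":
    for alert in find_session_replay(SAMPLE_EVENTS):
        print(alert)
```

On the constructed data this raises a high-severity alert for alice's session and a medium one for carol's, while bob's unchanged session produces nothing.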
