Forg365 PhaaS Exploits Device Code and AitM Tactics to Compromise Microsoft 365 Accounts
A new PhaaS operation called Forg365 targets Microsoft 365 accounts using device code phishing and adversary-in-the-middle (AitM) tactics, combined with AI-assisted lure creation and session theft capabilities. The platform offers a subscription-based model with automated tools for phishing campaigns, session management, and post-compromise activities like keyword monitoring and AI-generated responses.
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts.
Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing
*** END OF TRANSMISSION ***