Tycoon2FA dismantled: How TrendAI research supported the Europol-led takedown

Have you heard about Tycoon2FA?

Linked to more than 96,000 victims globally, this phishing-as-a-service platform enabled attackers to bypass multi-factor authentication (MFA) using adversary-in-the-middle (AiTM) proxying, allowing them to intercept login sessions and capture valid credentials in real time.

Tycoon2FA has recently been dismantled, and our threat researchers at TrendAI™, a business unit of Trend Micro, played a key role in the global disruption of the platform. Here is how and what you should know.

View Full Article

Related Articles

• Fragmented Cybersecurity Can’t Stop A Fragmented Threat Landscape
• A Technical Deep Dive Into Email Based Authentication
• Surge in Silent Subject Phishing Attacks
• TrendAI Spark Global Series Event
• The Cyber Assessment Framework (CAF)

Popular Articles

An investigation into phishing activity over the past months has surfaced a decisive structural evol...

Read More >

Abuse of Cloud-Native Infrastructure in Modern Phishing Campaigns

Over the past year, we’ve made significant progress with Microsoft Discovery by work...

Read More >

Advancing agentic R&D at scale

Have you heard of the Cyber Assessment Framework? The Cyber Assessment Framework (...

Read More >

The Cyber Assessment Framework (CAF)

By now, most people will have heard the news. There is a new AI model in town, and you are feeling u...

Read More >

10 questions to ask when using AI models to find vulnerabilities