Hundreds of hacking groups are using the kit to target Microsoft 365 accounts
Hundreds of threat actor groups are using a highly advanced phishing kit to target corporate Microsoft 365 accounts, with relative success, according to a new report from cybersecurity experts Group-IB.
The phishing kit is called W3LL, and it’s been in development since at least 2017. In that time, the kit grew and improved, and with it — its popularity rose, with more than 500 groups currently using it.
Those groups have managed to create roughly 850 phishing campaigns, which sought to steal Microsoft 365 credentials from more than 56,000 accounts. Apparently, they succeeded in some 8,000 instances. The result is, the researchers say, “millions of dollars” in financial losses, and possibly millions of files stolen from endpoints.
