FlowerStorm
0 incidentes
0 paises
0 sectores
apt RU Ultimo: -
FlowerStorm is a commercially operated Phishing-as-a-Service (PhaaS) platform that emerged in mid-2024, significantly gaining prominence after the technical disruption of the competing Rockstar2FA service in November 2024. This platform provides cybercriminals with tools to execute Adversary-in-the-Middle (AiTM) attacks, primarily targeting Microsoft 365 credentials and bypassing multi-factor authentication (MFA) by capturing session tokens. Assessed with high confidence to be of Russian origin, FlowerStorm's primary motivation is financial gain through facilitating business email compromise, financial fraud, and data exfiltration. What distinguishes FlowerStorm is its focus on dynamic adaptation within phishing campaigns, mimicking legitimate login pages and customizing branding to enhance authenticity, as well as its recent incorporation of browser-based virtual machines for obfuscation. The platform shares considerable functional and infrastructural similarities with other PhaaS off
Sectores objetivo (SOCRadar)
Executive, Legislative, and Other General Government Support