Uptime Hamster: 3d 11h 9mDeploy: 14 Jul 2026 21:26Updated: 2026-07-16
Logo del actor de amenaza Storm-1747

Storm-1747

0 incidentes 0 paises 0 sectores apt PK Ultimo: -
Ver en IntelTracker → APTTrail →
Storm-1747 is Microsoft's internal designation for a financially motivated group responsible for developing and operating the Tycoon 2FA phishing-as-a-service (PhaaS) platform, first observed in mid-2023. This group's primary objective is large-scale credential theft and subsequent resale, distinguishing them as a commercial provider within the cybercrime ecosystem. They lease access to the Tycoon 2FA kit through private Telegram channels, offering a robust update cycle and customer support. The Tycoon 2FA kit leverages Adversary-in-the-Middle (AiTM) tactics to bypass multi-factor authentication (MFA) and is characterized by its continuous technical evolution and sophisticated evasion techniques. The group operates under the alias Saad Tycoon Group and its Tycoon 2FA platform is believed to be an evolutionary descendant of the Dadsec OTT phishing kit, having been refined from earlier builds that shared similar design cues.

Actores similares

stormousransomware · 177crimson-sandstormactor · 1Storm-1811actor · 1Storm-0501apt · 1Dust Stormapt · 1storm-cloudactor · 1unc1549-crimson-sandstormactor · 1smoke-sandstorm-cuboid-saactor · 1Storm-0324apt · 0Storm-2372apt · 0
Tipo
apt
Pais origen
PK
Motivacion
-
Impacto
28
Actualizado
Wed, 04 Fe