Dossier
EvilTokens
Coverage of EvilTokens in the Nexus archive.
- The New Phishing Click: How OAuth Consent Bypasses MFA
A phishing-as-a-service platform called EvilTokens compromised over 340 Microsoft 365 organizations across five countries in just five weeks. The targets received a message asking them to enter a short code and complete their normal MFA challenge. This phishing attack bypassed multi-factor authentication.
- Hundreds of orgs compromised daily in Microsoft device code phishing attacks
A Microsoft device-code phishing campaign uses AI and automation to compromise hundreds of organizations daily, enabling attackers to access corporate emails and steal financial data. The attack leverages 'EvilTokens' to bypass multi-factor authentication, highlighting vulnerabilities in cybersecurity practices.