A DNS Investigation into Mamba 2FA, the Latest AitM Phishing Player
Adversary-in-the-middle (AitM) phishing attacks have been growing in popularity, and it's not surprising.[1] As more companies adopt multifactor authentication (MFA) security measures, more threat actors are using this tactic. Why? AitM can bypass security measures like MFA.
WhoisXML API recently analyzed Mamba 2FA, the latest addition to the list of AitM phishing players.[2] In particular, we expanded a list of 58 indicators of compromise (IoCs) and uncovered: