Feb 23, 2022
Devious phishing method bypasses MFA using remote access software
Posted by Genevieve Klien in category: cybercrime/malcode
The researcher also told BleepingComputer that websites, such as LinkedIn, detect man-in-the-middle (MiTM) attacks and deactivate accounts after successful logins.
To overcome this obstacle, mr.d0x came up with a devious new phishing technique that uses the noVNC remote access software and browsers running in kiosk mode to display email login prompts running on the attacker’s server but shown in the victim’s browser.
VNC is a remote access software that allows remote users to connect to and control a logged-in user’s desktop. Most people connect to a VNC server through dedicated VNC clients that open the remote desktop in a similar manner to Windows Remote Desktop.