Rockstar2FA Failure Leads to Increased FlowerStorm Activity
🌸💻 Phishing-as-a-Service disruption leads to rise of FlowerStorm toolkit. A recent report from Sophos reveals that the Rockstar2FA phishing-as-a-service (PhaaS) toolkit has experienced a technical failure, resulting in a surge of activity from a competing service called FlowerStorm. Rockstar2FA, which targeted Microsoft 365 accounts, became inaccessible on November 11, 2024, likely due to backend issues rather than a takedown. FlowerStorm, active since June 2024, shares similarities with Rockstar2FA in its phishing methods and targets a range of countries, focusing on the service industry, particularly engineering and legal sectors. This incident highlights the ongoing trend of cybercriminals leveraging accessible tools to execute large-scale phishing attacks without extensive technical skills.
