Multiple attackers using a new phishing service dubbed VoidProxy to target organizations' Microsoft and Google accounts have successfully stolen users' credentials, multi-factor authentication codes, and session tokens in real time, according to security researchers.

Okta Threat Intelligence uncovered the ongoing attacks, and told The Register that several different criminals and cybercrime gangs are using VoidProxy. The company has issued a detailed report on its findings.

"We have observed the targeting of multiple industries across multiple geographies, each of which reflects the priorities of the individual customer" of the phishing-as-a-service operation, the threat hunters said via email, in response to The Register's questions.

The phishes target any Google and Microsoft accounts

See Full Page