好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内,而且不需要特定的开头。首先,我得仔细阅读文章内容,抓住主要信息。 文章讲的是国际执法机构摧毁了一个名为Tycoon 2FA的钓鱼服务平台。这个平台帮助犯罪分子绕过双重认证,影响了全球50万组织,尤其是医院和学校。执法部门没收了330个域名,切断了这个平台的基础设施。微软提到有100多个医疗组织受到影响,导致患者护理延误。这个平台不仅窃取密码,还实时拦截认证代码,让攻击更隐蔽。开发者可能在巴基斯坦。 接下来,我需要把这些要点浓缩到100字以内。要包括:执法机构摧毁平台、平台名称、功能、影响范围、受影响领域、执法行动、微软的数据、攻击手法、开发者背景。 可能的结构:国际执法机构摧毁Tycoon 2FA钓鱼平台,该平台帮助犯罪分子绕过双重认证,影响全球50万组织,尤其是医院和学校。执法部门没收330个域名。微软指出100多个医疗组织受影响,导致患者护理延误。该平台不仅窃取密码还实时拦截认证代码。开发者可能在巴基斯坦。 检查字数是否在100字以内,并确保信息准确全面。 </think> 国际执法机构摧毁了名为Tycoon 2FA的钓鱼服务平台,该平台帮助犯罪分子绕过双重认证并窃取账户信息。全球50万家组织受影响,尤其是医院和学校。执法部门没收了330个域名以切断其运营。微软指出超过100家医疗机构遭遇攻击,导致患者护理延误。该平台不仅窃取密码还实时拦截认证代码以规避安全检测。 2026-3-5 13:0:46 Author: therecord.media(查看原文) 阅读量:9 收藏
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday. The service, known as Tycoon 2FA, offered criminals a ready-made toolkit for stealing login credentials and bypassing multi-factor authentication, allowing attackers to access accounts even when additional security checks were enabled. Authorities disrupted the operation by seizing 330 domains used to host phishing sites and operate the platform’s infrastructure. Active since 2023, Tycoon 2FA sent tens of millions of phishing emails each month and targeted more than 500,000 organizations worldwide. Healthcare and education organizations were among the hardest hit. Microsoft said more than 100 members of Health-ISAC, a cybersecurity information-sharing group for the health sector, were successfully phished. In New York alone, at least two hospitals, six public schools and three universities reported attempted or successful compromises tied to Tycoon 2FA. “These incidents had tangible consequences,” Microsoft stated, with compromised accounts leading to operational disruptions and delays in patient care. Unlike conventional phishing kits that simply harvest passwords, Tycoon 2FA was designed to defeat strong security protections. The service intercepted authentication sessions in real time, capturing both login credentials and one-time verification codes. This allowed attackers to log in as legitimate users without triggering security alerts. The platform also lowered the barrier to cybercrime by packaging sophisticated phishing tools into a subscription-based service. At its peak, Tycoon 2FA accounted for about 62% of all phishing attempts blocked by Microsoft. “Taking this infrastructure offline cuts off a major pipeline for account takeovers and helps protect people and organizations from follow-on attacks such as data theft, ransomware, business email compromise and financial fraud,” the company said. Authorities believe the service’s developer is based in Pakistan and worked with partners responsible for marketing, payments and customer support. Cybercriminals often paired Tycoon 2FA alongside other illicit services that handled mass email distribution, malware hosting and the resale of stolen account access to conduct high-scale cybercrime campaigns.
Get more insights with the
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
如有侵权请联系:admin#unsafe.sh