A new Microsoft 365 phishing-as-a-service platform called "FlowerStorm" is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service.
Has the Rockstar 2FA bypass attack morphed into something worse? What Google and Microsoft users need to know and do.
Rockstar2FA disruption on November 11 spurred FlowerStorm phishing surge, targeting 10 countries and service sectors.
Researchers said that Rockstar2FA went quiet in November 2024 But a new PaaS emerged soon afterwards, with partly overlapping infrastructure The new PaaS is called FlowerStorm, and it targets ...
This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.