Tycoon Two-Factor Authentication Hacked as Phishing Attacks Rise
Tycoon 2FA Loses Ground Amid Rise in Phishing Kit Attacks
Threat actors have shifted away from Tycoon 2FA, a popular phishing-as-a-service (PhaaS) platform, in favor of alternative platforms such as Mamba 2FA, EvilProxy, and Sneaky 2FA.
Rise of Alternative Platforms
- Mamba 2FA, EvilProxy, and Sneaky 2FA have gained popularity among threat actors, surpassing Tycoon 2FA in terms of market share.
- The overall number of attacks leveraging these four phishing kits has increased from approximately 20 million to over 23 million.
“This does not mean the takedown operation failed. Rather, it shows what happens when disruption hits a maturing underground economy, and why security defenses need to look more broadly than individual players.” – Barracuda Networks
Persistence of Phishing Kits
- Variants of Tycoon 2FA’s attack code continue to circulate, and independently hosted deployments remain active.
- PhaaS toolsets are increasingly similar to open-source software, where threat actors reuse, modify, and redeploy the code.
Barracuda warns that the persistence of these tools, combined with the redistribution of Tycoon 2FA’s code across multiple platforms, highlights the importance of broadening security defenses beyond individual players.
Conclusion
The shift away from Tycoon 2FA marks a significant development in the world of phishing kits, emphasizing the need for continuous adaptation and vigilance in cybersecurity efforts.
About Author
English