Our report offers a technical analysis of the EvilTokens kit, its delivery campaigns, and the adversary's infrastructure.
S
sekoia_io@infosec.exchange
@sekoia_io@infosec.exchange
Posts
-
#TDR analysts uncovered an emerging Phishing-as-a-Service (#PhaaS) platform called #EvilTokens, which offers device code phishing pages and AI-augmented features to automate and scale #BEC workflows. -
#TDR analysts uncovered an emerging Phishing-as-a-Service (#PhaaS) platform called #EvilTokens, which offers device code phishing pages and AI-augmented features to automate and scale #BEC workflows.#TDR analysts uncovered an emerging Phishing-as-a-Service (#PhaaS) platform called #EvilTokens, which offers device code phishing pages and AI-augmented features to automate and scale #BEC workflows.
️
https://buff.ly/RvF5Kux -
#TDR analysts uncovered an emerging Phishing-as-a-Service (#PhaaS) platform called #EvilTokens, which offers device code phishing pages and AI-augmented features to automate and scale #BEC workflows.Active since late February 2026 and rapidly adopted by cybercriminals, TDR analysts believe EvilTokens will become a serious competitor in the phishing and BEC landscape.
-
#TDR analysts uncovered an emerging Phishing-as-a-Service (#PhaaS) platform called #EvilTokens, which offers device code phishing pages and AI-augmented features to automate and scale #BEC workflows.EvilTokens device code phishing pages allows attackers to capture Microsoft refresh and access token, weaponise them, harvest victims' mailbox, and automatically craft BEC emails using AI.