By Ashish Chhatani - March 27, 2018
A tool for 2FA and social engineering
Phishing has always been the best medium for attackers to lure the victims and steal their critical data I.e. credentials. It has been rated as dangerous social engineering attack because of the data gained through it.
FireEye has recently released a tool for social engineering and two factor authentication which simplifies the real time phishing method.
What is 2 Factor Authentication?
Two factor authentication offers an additional layer of security to make the attacker’s life bit more difficult to get the victim’s credentials/accounts as only password won’t help them out. 2FA are always a good option rather than having single factor authentication. OTPs and push notifications are well known implementations of two factor authentication.
Though the irony is 2FA is also now not so secure because of real time phishing techniques as there is real time interaction happens between the attacker and the victim.
What is ReelPhish?
FireEye has developed a new tool called ReelPhish which eases out the phishing methods. It has been built to eliminate the risk of social engineering. The tool comprises of two components.
How it actually works?
The Primary component is designed to be run on attacker’s system. It contains the python script and which listens from the attacker’s phishing site and drives the locally installed browser using the selenium framework.
While the Secondary component embeds the code in the site and then sends the data containing victim’s credentials to the phishing which runs on the attacker machine. As it receives the information, original website is launched which is a legitimate phishing site developed by the attacker. This site is authenticated using the credentials and then the communication takes place over an encrypted SSH tunnel.