TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Cybereason

Tycoon 2FA Phishing Kit Analysis

Cybereason Security Services Team · 2025-11-03

ATT&CK techniques detected

5 predictions
T1566.002 Spearphishing Link · 95%
T1598 Phishing for Information · 76%
T1111 Multi-Factor Authentication Interception · 64%
T1566 Phishing · 49%
T1598.003 Spearphishing Link · 38%

Matched text (same excerpt for all five predictions): “Tycoon 2FA phishing kit analysis. The Tycoon 2FA phishing kit is a sophisticated Phishing-as-a-Service (PhaaS) platform that emerged in August 2023, designed to bypass two-factor authentication (2FA) and multi-factor authentication (MFA) protections, primarily targ…”

Summary

The Tycoon 2FA phishing kit is a Phishing-as-a-Service (PhaaS) platform that emerged in August 2023 and is built to defeat two-factor (2FA) and multi-factor authentication (MFA), primarily against Microsoft 365 and Gmail accounts. It uses an Adversary-in-the-Middle (AiTM) design: a reverse proxy serves phishing pages that mimic the legitimate login interface while relaying the victim's input to the real service, so the victim completes MFA as normal and the kit captures both the credentials and the resulting session cookie in real time. Because that cookie already carries the MFA-satisfied state, the operator can reuse it without ever being challenged for a second factor. According to the Any.run malware trends tracker, Tycoon 2FA leads with over 64,000 reported incidents this year.
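The AiTM mechanic described above suggests a direct detection: the identity provider sees MFA completed once (from the proxy's address), and the stolen cookie is then presented from a second network while the session still carries the MFA-satisfied claim. The Python below is an added example written for this page, not Cybereason's code and not anything from the Tycoon 2FA kit. The sign-in records are constructed, the field names (session_id, asn, interactive, mfa_satisfied) are assumed rather than any product's real schema, and the 120-minute default window is an illustrative threshold. One caveat a practitioner should keep in mind: in an AiTM flow the interactive MFA sign-in itself arrives from the proxy's IP, not the victim's, so the "anchor" address is already attacker infrastructure; the rule fires on the second address that reuses the same session.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed sample records (not real telemetry). The shape loosely follows
# an IdP sign-in log: session_id ties the interactive MFA sign-in to the later
# non-interactive requests that present the same session cookie. Note that the
# replayed requests still report mfa_satisfied=true, which is exactly how an
# AiTM kit "bypasses" MFA: the cookie carries the claim, so no second challenge.
SAMPLE_SIGNIN_LOG = """\
{"time":"2025-11-03T09:12:04Z","user":"a.smith@example.com","session_id":"s-7f3a","ip":"203.0.113.10","asn":64500,"interactive":true,"mfa_satisfied":true}
{"time":"2025-11-03T09:13:30Z","user":"a.smith@example.com","session_id":"s-7f3a","ip":"198.51.100.77","asn":64511,"interactive":false,"mfa_satisfied":true}
{"time":"2025-11-03T09:40:12Z","user":"a.smith@example.com","session_id":"s-7f3a","ip":"198.51.100.78","asn":64511,"interactive":false,"mfa_satisfied":true}
{"time":"2025-11-03T10:02:45Z","user":"b.jones@example.com","session_id":"s-11c0","ip":"192.0.2.25","asn":64496,"interactive":true,"mfa_satisfied":true}
{"time":"2025-11-03T10:15:00Z","user":"b.jones@example.com","session_id":"s-11c0","ip":"192.0.2.25","asn":64496,"interactive":false,"mfa_satisfied":true}
{"time":"2025-11-03T11:00:00Z","user":"c.lee@example.com","session_id":"s-9d21","ip":"192.0.2.40","asn":64496,"interactive":true,"mfa_satisfied":true}
{"time":"2025-11-03T16:30:00Z","user":"c.lee@example.com","session_id":"s-9d21","ip":"203.0.113.99","asn":64500,"interactive":false,"mfa_satisfied":true}
"""


def parse_signins(text):
    """Parse newline-delimited JSON sign-in records; 'time' becomes a datetime."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        rec["time"] = datetime.strptime(rec["time"], "%Y-%m-%dT%H:%M:%SZ")
        records.append(rec)
    return records


def find_session_replay(records, window_minutes=120):
    """Flag sessions whose cookie is presented from a different ASN than the
    one that completed the interactive MFA sign-in, within window_minutes.

    The window is a noise control: a user who signs in at the office and picks
    the session up at home hours later should not look like cookie theft.
    Returns one alert dict per suspicious session (first offending request).
    """
    by_session = defaultdict(list)
    for rec in records:
        by_session[(rec["user"], rec["session_id"])].append(rec)

    alerts = []
    for (user, sid), recs in by_session.items():
        recs.sort(key=lambda r: r["time"])
        # Anchor on the interactive sign-in that satisfied MFA for this session.
        anchor = next(
            (r for r in recs if r["interactive"] and r["mfa_satisfied"]), None
        )
        if anchor is None:
            continue  # no MFA sign-in to anchor on; out of scope for this rule
        for rec in recs:
            if rec is anchor or rec["interactive"]:
                continue
            elapsed_min = (rec["time"] - anchor["time"]).total_seconds() / 60
            if rec["asn"] != anchor["asn"] and 0 <= elapsed_min <= window_minutes:
                alerts.append({
                    "user": user,
                    "session_id": sid,
                    "mfa_ip": anchor["ip"],        # proxy address in an AiTM case
                    "replay_ip": rec["ip"],        # where the cookie was reused
                    "minutes_after_mfa": int(elapsed_min),
                })
                break  # one alert per session; the analyst pivots on session_id
    return alerts


if __name__ == "__main__":
    for alert in find_session_replay(parse_signins(SAMPLE_SIGNIN_LOG)):
        print(json.dumps(alert))
```

With the default window only a.smith's session is flagged (cookie reused from a second ASN 86 seconds after MFA); b.jones reuses the session from the same network and stays quiet, and c.lee's change of network five and a half hours later only surfaces if the window is widened. The ASN comparison is deliberately coarse; in production you would add the hosting-provider reputation of the anchor IP and the user's historical locations, since both attacker addresses in an AiTM case are typically VPS or proxy ranges.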