Researchers said that Rockstar2FA went quiet in November 2024
But a new PaaS emerged soon afterwards, with partly overlapping infrastructure
The new PaaS is called FlowerStorm, and it targets Microsoft365 accounts
Cybersecurity researchers from Sophos have warned a new Phishing-as-a-Service (PaaS) tool has emerged, allowing threat actors to easily hunt for people’s Microsoft 365 credentials.
This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.
