FBI warns of Kali365 phishing tool bypassing MFA on Microsoft 365
The FBI has issued a warning about Kali365, a new phishing tool distributed via Telegram since April, which allows attackers to steal OAuth tokens and access Microsoft 365 services including Outlook, Teams, and OneDrive without needing a password, effectively bypassing two-factor authentication.
Key facts
- Kali365 is a phishing tool distributed via Telegram since April.
- It steals OAuth tokens to bypass two-factor authentication.
- Attackers can access Outlook, Teams, and OneDrive without a password.
- The FBI issued a warning about this tool targeting Microsoft 365 users.
Entities
Institutions
- FBI
- Microsoft
Sources
- Quartz —