FlowerStorm and AuthQuake Highlight Evolving Cybersecurity Challenges
Security researchers have raised concerns about the recent emergence of FlowerStorm, a potential evolution of the Rockstar 2FA exploit service. While the demise of Rockstar 2FA, which faced infrastructure issues and became less accessible, might seem positive, Sophos researchers warn that FlowerStorm could pose similar threats.
A report from Sophos X-Ops highlighted that following Rockstar 2FA’s disruption, there has been an increase in the use of platforms associated with FlowerStorm. This name derives from the plant-related terminology found in many of its phishing page titles. The FlowerStorm phishing-as-a-service resource exhibits several similarities to Rockstar, including its phishing portal formats and backend server connections. According to Sophos, FlowerStorm has been operational since at least June 2024.
Google and Microsoft users are advised to remain vigilant for phishing attempts, as these are often the starting point for 2FA bypass attacks. A Google spokesperson noted the company’s numerous protective measures, including passkeys that significantly mitigate the risks of phishing and social engineering attacks.
In a related issue, researchers from Oasis Security identified a critical vulnerability in Microsoft’s 2FA implementation, dubbed AuthQuake. The vulnerability allowed attackers to bypass 2FA protection on Office 365 accounts by circumventing the limit of 10 failed code attempts. Oasis demonstrated that the attack could be executed in under 70 minutes with a 50% success rate and required no user interaction.
Microsoft addressed this vulnerability with a fix deployed on October 9, although specific details remain confidential. Jason Soroko of Sectigo emphasized the need for organizations to adopt more secure authentication methods, advocating for a shift towards passwordless solutions to enhance security against similar vulnerabilities.
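A detection sketch for the AuthQuake-style pattern described above, added here as an example and not taken from Oasis, Microsoft or this article: it counts failed 2FA codes per account over a sliding window, so guessing that stays under a 10-attempt limit in any single sign-in session is still flagged. The event fields, session ids, sample accounts and the use of the 70-minute figure as the window are assumptions; the article does not describe how the limit was circumvented.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_LIMIT = 10                  # failed-code limit quoted in the article
WINDOW = timedelta(minutes=70)   # assumption: reuse the article's 70-minute figure

def build_sample_events():
    """Constructed sample log: (timestamp, account, session id, result)."""
    start = datetime(2024, 1, 1, 9, 0, 0)  # constructed date
    events = []
    # Constructed account 1: 24 failures, only 6 per session.
    for i in range(24):
        events.append((start + timedelta(seconds=30 * i),
                       "alice@example.com", f"s{i // 6}", "fail"))
    # Constructed account 2: an ordinary user who mistypes twice.
    events.append((start, "bob@example.com", "b0", "fail"))
    events.append((start + timedelta(seconds=20), "bob@example.com", "b0", "fail"))
    events.append((start + timedelta(seconds=40), "bob@example.com", "b0", "success"))
    return sorted(events)

def max_failures_per_session(events):
    """Largest failure count seen in any single (account, session) pair."""
    counts = defaultdict(int)
    for _ts, account, session, result in events:
        if result == "fail":
            counts[(account, session)] += 1
    return max(counts.values())

def flag_accounts(events, limit=FAIL_LIMIT, window=WINDOW):
    """Return {account: peak failures inside one window} for accounts over limit.

    Counting is keyed on the account only, never on the session, so spreading
    guesses across many sessions does not reset the count.
    """
    recent = defaultdict(deque)   # account -> timestamps of recent failures
    peak = {}
    for ts, account, _session, result in events:
        if result != "fail":
            continue
        q = recent[account]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) > limit:
            peak[account] = max(peak.get(account, 0), len(q))
    return peak

if __name__ == "__main__":
    ev = build_sample_events()
    print("max failures in one session:", max_failures_per_session(ev))
    print("flagged accounts:", flag_accounts(ev))
```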
2W Tech offers robust cybersecurity solutions designed to protect businesses from evolving threats like FlowerStorm and AuthQuake. With expertise in IT infrastructure, managed technology programs, and security solutions, 2W Tech helps organizations enhance their security posture. We provide comprehensive assessments, implement advanced security measures, and offer continuous monitoring to safeguard critical systems. By leveraging our partnership with leading technology providers, 2W Tech ensures that clients have access to the latest innovations in cybersecurity, helping them mitigate risks and maintain a secure operational environment.