FBI-Flagged Phishing Kit Kali365 Expands Its Reach

Summary

Kali365, a phishing-as-a-service platform previously flagged by the FBI for targeting Microsoft 365 users, has expanded its attack scope to include AWS, Okta, and Russian cloud platforms. The toolkit leverages device code phishing techniques to bypass multi-factor authentication and harvest credentials. This expansion demonstrates the evolving sophistication of commercially available phishing infrastructure and the broadening threat to enterprise authentication systems across multiple cloud providers.

Indicators of Compromise

• malware — Kali365

Entities