Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

Summary

The Tycoon 2FA phishing group has evolved its attack methodology, moving away from traditional two-factor authentication bypass techniques to exploit legitimate device code authentication flows. By deceiving victims into authorizing device login attempts, attackers gain account access without needing to compromise passwords or bypass 2FA directly. This represents a significant tactical shift in how the group operates.

Entities