Tycoon 2FA Phishing Platform Dismantled in Global Takedown

Europol, Microsoft, and cybersecurity companies on Wednesday announced a joint effort to take down the widely used phishing-as-a-service platform Tycoon 2FA.

Tycoon 2FA is a subscription-based platform that enables threat actors to impersonate users, create phishing pages, and bypass multi-factor authentication (MFA). It has allowed malicious hackers to intercept authentication sessions and gain access to targeted email and cloud accounts without triggering alerts.

“Tycoon 2FA combined convincing phishing templates, realistic landing pages, and real‑time capture of credentials and authentication codes into an easy‑to‑use package that scaled quickly. By lowering the technical barrier to entry, it allowed criminals with limited expertise to run sophisticated impersonation campaigns,” Microsoft said.

According to the tech giant, Tycoon 2FA accounted for roughly 62% of the phishing attempts it blocked last year. The platform had been used to send out tens of millions of phishing emails to 500,000 organizations every month.

“Despite ...