2025-09-25 –, Stage 1
When I ask audience about 2FA phishing or stealers ... the silence is deafening. With the exception of dude from back row: "Stealers can't get your passwords from Chrome since ca 2024 August, go home, stunthacker").
Well, "I've seen things you people wouldn't believe" - not C-beams glittering in the dark near the Tannhäuser Gate, but trying to guess organisations' password policy from leaks / stealerlogs. Much fun, not time to die, though.
So, let's run a 2FA phising campaign live against Estonian TARA auth (with scoring) and see what we can grep from some recent freely shared stealerlogs drop (as of 2025 April: 3000 logs from BreachForums rando = 183 WordPress admin cookies).
I've seen things you people wouldn't believe. I have also made mistakes you people wouldn't believe - which is fine, as I have also seen mistakes you, people, make. You wouldn't believe...