Ethical Hacking News
Sneaky 2FA, a phishing kit associated with PhaaS (Phishing-as-a-Service) offerings, has recently incorporated Browser-in-the-Browser (BitB) functionality into its arsenal. This development underscores the continued evolution of such offerings and further makes it easier for less-skilled threat actors to mount attacks at scale. Learn more about this emerging threat in our latest article.
Sneaky 2FA phishing kit has incorporated Browser-in-the-Browser (BitB) functionality, making it easier for threat actors to mount attacks at scale. BitB enables attackers to create fake browser windows that can masquerade as legitimate login pages, facilitating credential theft. The use of BitB in Sneaky 2FA highlights the ongoing threat posed by phishing kits to user security and the need for robust security measures. Attacks using BitB can bypass traditional security measures like CAPTCHA and Cloudflare Turnstile. The incorporation of BitB underscores the importance of browser security in preventing phishing attacks.
Sneaky 2FA, a phishing kit associated with PhaaS (Phishing-as-a-Service) offerings, has recently incorporated Browser-in-the-Browser (BitB) functionality into its arsenal. This development underscores the continued evolution of such offerings and further makes it easier for less-skilled threat actors to mount attacks at scale.
The introduction of BitB in Sneaky 2FA is notable because it enables attackers to create fake browser windows that can masquerade as legitimate login pages, thereby facilitating credential theft. According to Push Security, this technique is designed to mimic the normal function of in-browser authentication by simulating a pop-up login form with an iframe pointing to a malicious server.
The expansion of Sneaky 2FA's capabilities highlights the ongoing threat posed by phishing kits to user security. With PhaaS offerings becoming increasingly professionalized, attackers are incentivized to refine and enhance their phishing infrastructure. The use of BitB in Sneaky 2FA is just one example of this trend, as it allows attackers to bypass traditional security measures such as CAPTCHA and Cloudflare Turnstile.
The incorporation of BitB into Sneaky 2FA also underscores the importance of browser security in preventing phishing attacks. Browser-in-the-Browser techniques like BitB can be particularly effective at deceiving users into entering their credentials on a fake page, thereby exfiltrating sensitive information to the attacker.
Moreover, the use of Bot Protection Technologies such as CAPTCHA and Cloudflare Turnstile to prevent security tools from accessing phishing pages, is also being employed by attackers. Additionally, conditional loading techniques are used to ensure that only intended targets can access these malicious pages while filtering out other users or redirecting them to benign sites instead.
The rise of PhaaS offerings has created new avenues for threat actors to carry out attacks on a larger scale. The increasing sophistication of phishing kits like Sneaky 2FA underscores the need for robust security measures and ongoing vigilance among users and organizations alike.
In addition, recent research has highlighted the possibility of employing malicious browser extensions to fake passkey registration and logins. This technique, known as the Passkey Pwned Attack, takes advantage of the lack of secure communication between a device and a service, allowing attackers to manipulate the authentication process by leveraging rogue scripts or extensions.
The expansion of Sneaky 2FA's capabilities also underscores the need for organizations to adopt conditional access policies to prevent account takeover attacks. By restricting logins that do not meet certain criteria, organizations can help mitigate the risk posed by phishing kits like Sneaky 2FA.
In conclusion, the incorporation of BitB in Sneaky 2FA highlights the ongoing threat posed by phishing kits to user security. As attackers continue to evolve and refine their techniques, it is essential for users and organizations to remain vigilant and adopt robust security measures to prevent these types of attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/Sneaky-2FA-Phishing-Kit-Expands-Its-Deceptive-Capabilities-A-Growing-Threat-to-User-Security-ehn.shtml
https://thehackernews.com/2025/11/sneaky-2fa-phishing-kit-adds-bitb-pop.html
https://pushsecurity.com/blog/analyzing-the-latest-sneaky2fa-phishing-page
Published: Tue Nov 18 13:22:12 2025 by llama3.2 3B Q4_K_M
