22-2-2025 (NEW YORK) A sophisticated phishing kit that can circumvent two-factor authentication (2FA) security measures has emerged, raising serious concerns among cybersecurity experts. The tool, dubbed Astaroth—after a demon from medieval demonology—represents a significant threat to what has long been considered one of the most reliable methods of account protection.
Security researchers at SlashNext have uncovered this alarming development, which specifically targets users of major platforms including Google, Microsoft and Yahoo. The kit employs an advanced technique to capture both login credentials and authentication codes in real time, effectively rendering traditional 2FA protections obsolete.
“This breakthrough in malicious technology poses a substantial risk to individuals and organisations alike”, says Dr James Harrison, a cybersecurity researcher at Imperial College London. “What makes this particularly concerning is the tool’s ability to operate in real time, intercepting authentication codes as they’re being used”.
The mechanism behind Astaroth’s operation is deceptively simple yet highly effective. Users receive seemingly legitimate links directing them to carefully crafted duplicate login pages that mirror authentic platforms with remarkable accuracy. When unsuspecting victims input their credentials and subsequent 2FA codes, the information is instantly harvested by the attackers.
Reports indicate that this sophisticated kit is currently being traded on dark web marketplaces for approximately $2,000, making it readily accessible to cybercriminals with modest resources.
In response to this emerging threat, security experts are advocating for the adoption of more robust authentication methods. “Passkeys represent the next evolution in account security”, explains Sarah Mitchell, chief security officer at a leading British tech firm. “Unlike traditional 2FA, passkey systems leverage biometric data or device-specific credentials, making them significantly more resistant to phishing attempts”.
Users are strongly advised to exercise increased caution when accessing login pages, particularly those reached via email links. Technology giants including Apple, Google, and Microsoft have already implemented passkey support across their platforms, offering users a more secure alternative to traditional authentication methods.
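The difference between a one-time code and a passkey can be seen from the server's side in the following Python example, which is added here for illustration and is not code from SlashNext, the kit, or any of the platforms named. The origin `https://accounts.example.com`, the lookalike hostname, the secret and the challenge are constructed values, and the passkey signature check that binds the client data to the credential is assumed to be performed separately.

```python
import base64, hashlib, hmac, json, struct

EXPECTED_ORIGIN = "https://accounts.example.com"  # assumption: the genuine site's origin

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time code (HMAC-SHA1)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, submitted: str, unix_time: int) -> bool:
    # The server receives only the digits; nothing records which page they were typed into.
    return hmac.compare_digest(totp(secret, unix_time), submitted)

def verify_client_data(client_data_json: bytes, expected_challenge: bytes) -> bool:
    """Origin and challenge checks a WebAuthn relying party applies at login."""
    # The browser, not the user, writes "origin" into clientDataJSON, and the
    # authenticator signs over its hash (signature check assumed done elsewhere).
    data = json.loads(client_data_json)
    b64 = data.get("challenge", "")
    challenge = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    return (data.get("type") == "webauthn.get"
            and hmac.compare_digest(challenge, expected_challenge)
            and data.get("origin") == EXPECTED_ORIGIN)

def client_data(origin: str, challenge: bytes) -> bytes:
    # Constructed stand-in for what a browser would report from a given page.
    b64 = base64.urlsafe_b64encode(challenge).rstrip(b"=").decode()
    return json.dumps({"type": "webauthn.get", "challenge": b64, "origin": origin}).encode()

def demo() -> dict:
    secret, now = b"constructed-shared-secret", 1_740_182_400  # constructed values
    code = totp(secret, now)  # valid wherever the user happens to enter it
    challenge = b"constructed-server-challenge"
    return {
        "totp_entered_on_any_page": verify_totp(secret, code, now),
        "passkey_from_real_origin": verify_client_data(client_data(EXPECTED_ORIGIN, challenge), challenge),
        "passkey_from_lookalike": verify_client_data(
            client_data("https://accounts.example-login.test", challenge), challenge),
    }

if __name__ == "__main__":
    print(demo())
```

The one-time code verifies regardless of where it was entered, while the passkey response carrying a different origin is refused.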