Beware of Salty2FA: New Phishing Kit Targeting Enterprises in the US and EU
September 10, 2025
Malware Analysis / Enterprise Security
Phishing-as-a-Service (PhaaS) platforms are continuously evolving, providing cybercriminals with quicker and cheaper methods to infiltrate corporate accounts. Researchers at ANY.RUN have identified a new threat: Salty2FA, a sophisticated phishing kit capable of bypassing various two-factor authentication methods and evading traditional defenses. Currently active in campaigns across the US and EU, Salty2FA threatens numerous industries, including finance and energy. Its complex execution chain, evasive infrastructure, and ability to intercept credentials and 2FA codes make it one of the most formidable PhaaS frameworks observed this year.
Why Salty2FA Poses a Significant Risk for Enterprises
With the ability to bypass push notifications, SMS, and voice-based 2FA, Salty2FA allows stolen credentials to easily lead to account takeovers. Targeting sectors such as finance, energy, and telecommunications, this kit transforms ordinary phishing emails into severe security breaches.
Identifying the Targets
ANY.RUN analysts have mapped Salty2FA campaigns and highlighted…
Malware Analysis / Enterprise Security
With the ability to bypass push notifications, SMS, and voice-based 2FA, Salty2FA allows stolen credentials to easily lead to account takeovers. Targeting sectors such as finance, energy, and telecommunications, this kit transforms ordinary phishing emails into severe security breaches.
ANY.RUN analysts have mapped Salty2FA campaigns and highlighted…
Beware of Salty2FA: Emerging Phishing Kit Targeting US and EU Businesses September 10, 2025 By BreachSpot News Team The landscape of cybersecurity threats is evolving rapidly, with Phishing-as-a-Service (PhaaS) platforms gaining momentum among malicious actors. In a recent discovery, cybersecurity analysts at ANY.RUN have identified a new phishing kit dubbed…
Beware of Salty2FA: New Phishing Kit Targeting Enterprises in the US and EU
September 10, 2025
Malware Analysis / Enterprise Security
Phishing-as-a-Service (PhaaS) platforms are continuously evolving, providing cybercriminals with quicker and cheaper methods to infiltrate corporate accounts. Researchers at ANY.RUN have identified a new threat: Salty2FA, a sophisticated phishing kit capable of bypassing various two-factor authentication methods and evading traditional defenses. Currently active in campaigns across the US and EU, Salty2FA threatens numerous industries, including finance and energy. Its complex execution chain, evasive infrastructure, and ability to intercept credentials and 2FA codes make it one of the most formidable PhaaS frameworks observed this year.
Why Salty2FA Poses a Significant Risk for Enterprises
With the ability to bypass push notifications, SMS, and voice-based 2FA, Salty2FA allows stolen credentials to easily lead to account takeovers. Targeting sectors such as finance, energy, and telecommunications, this kit transforms ordinary phishing emails into severe security breaches.
Identifying the Targets
ANY.RUN analysts have mapped Salty2FA campaigns and highlighted…