A stealthy new phishing-as-a-service offering lets customers use cleverly disguised links to load the target brand’s real website, and then acts as a relay between the victim and the legitimate site – forwarding the victim’s username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses. “The attacker captures the resulting session cookies and tokens, giving them authenticated access to the account,” the researchers wrote. “When attackers relay the entire authentication flow in real time, MFA protections can be effectively neutralized despite functioning exactly as designed.”
Relevant URL: https://krebsonsecurity.com/2026/02/starkiller-phishing-service-proxies-real-login-pages-mfa/
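
One defender-side check that follows from the session-cookie theft described above, as an added example (not from the original article or the researchers): flag a session token that is later presented from a different IP address and user agent than the context it was issued to. The log format, field names and sample events are constructed for illustration, and the check assumes the stolen cookie is replayed from a host other than the relay that performed the login.

```python
from collections import defaultdict

# Constructed sample session log (not real data):
# (timestamp, event, session_id, client_ip, user_agent)
UA_WIN = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/121.0"
UA_LNX = "Mozilla/5.0 (X11; Linux x86_64) Firefox/122.0"
SAMPLE_EVENTS = [
    ("2026-02-20T10:00:01Z", "issued", "s-1001", "198.51.100.7", UA_WIN),
    ("2026-02-20T10:00:05Z", "used",   "s-1001", "198.51.100.7", UA_WIN),
    ("2026-02-20T10:07:30Z", "used",   "s-1001", "203.0.113.50", UA_LNX),
    ("2026-02-20T10:02:00Z", "issued", "s-1002", "192.0.2.15",   UA_LNX),
    ("2026-02-20T10:03:00Z", "used",   "s-1002", "192.0.2.99",   UA_LNX),
    ("2026-02-20T10:09:00Z", "used",   "s-1003", "203.0.113.50", UA_LNX),
]


def find_replayed_sessions(events):
    """Flag uses of a session token from a context it was not issued to."""
    issued = {}                      # session_id -> (ip, user_agent) at issuance
    findings = defaultdict(list)     # session_id -> [(timestamp, severity, ip)]
    # ISO-8601 UTC timestamps sort chronologically as strings.
    for ts, event, sid, ip, ua in sorted(events):
        if event == "issued":
            issued[sid] = (ip, ua)
            continue
        origin = issued.get(sid)
        if origin is None:
            # Token presented with no issuance record: treat as suspicious.
            findings[sid].append((ts, "no-issue-record", ip))
            continue
        ip_changed, ua_changed = ip != origin[0], ua != origin[1]
        if ip_changed and ua_changed:
            # New network and new browser together rarely happen for one cookie.
            findings[sid].append((ts, "high", ip))
        elif ip_changed or ua_changed:
            # A single change is common (roaming, browser update): review only.
            findings[sid].append((ts, "review", ip))
    return dict(findings)


if __name__ == "__main__":
    for sid, hits in find_replayed_sessions(SAMPLE_EVENTS).items():
        print(sid, hits)
```

Because the legitimate site sees the relayed login arrive from the relay itself, this check only fires once the captured cookie is used from somewhere else; it complements, rather than replaces, controls applied at login time.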