FlowerStorm

Also known as: FlowerStorm

FlowerStorm is a phishing-as-a-service platform that mimics legitimate services to bypass multi-factor authentication structure. The majority of its targets are located in North America and Europe, with a significant focus on organizations in the United States. FlowerStorm’s operational mistakes have led to vulnerabilities that can be exploited for disruption and analysis.

Introduction

FlowerStorm is a phishing-as-a-service platform that mimics legitimate services to bypass multi-factor authentication structure. The majority of its targets are located in North America and Europe, with a significant focus on organizations in the United States. FlowerStorm’s operational mistakes have led to vulnerabilities that can be exploited for disruption and analysis.

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • UNITEDRAKE:
  • Xploit:

Attribution and Evidence

Information pending cataloguing.

References

References pending cataloguing.