TI Mindmap HUB
Threat Intelligence Report

New widespread EvilTokens kit: device code phishing as-a-service โ€“ Part 1

๐Ÿ“… April 9, 2026 ๐Ÿ“ฐ blog.sekoia.io ๐Ÿ” 0 CVE(s) referenced

EvilTokens is a rapidly adopted Phishing-as-a-Service kit that enables cybercriminals to bypass MFA and hijack Microsoft 365 accounts at scale using advanced device code phishing techniques, automation, and post-compromise tools for persistent Business Email Compromise.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle