Phishing Kits enable attackers to man-in-the-middle (MitM) a browser session and steal credentials and session cookies in real-time. Phishing kits are software developed to help threat actors harvest credentials and quickly capitalize on them. MFA makes attackers work harder because of increased use of multifactor authentication, experts say. Researchers at Stony Brook University and Palo Alto Networks released a paper on MitM phishing kits that identified more than 1,200 MitM sites. Experts say there is still a significant increase in attackers using MitM attacks rather than simply harvesting credentials.”]
Source: https://www.govinfosecurity.com/increasing-adoption-phishing-kits-puts-mfa-at-risk-a-18461