V-Help
← All news
Security

New Helix Group Targets SharePoint with Vishing and Device Code Phishing

New Helix Group Targets SharePoint with Vishing and Device Code Phishing

Photo: BleepingComputer

Quick answer

The Helix cyber group employs vishing, device code phishing, and MFA vulnerabilities to steal data from SharePoint in Microsoft 365 corporate environments.

The Helix cybercriminal group, specializing in data theft, is actively targeting Microsoft SharePoint corporate environments. Attackers use a combination of social engineering methods, including voice phishing (vishing) and device code phishing, to deceive employees into disclosing credentials or granting system access.

A key feature of Helix attacks is the exploitation of multi-factor authentication (MFA) vulnerabilities. The group uses fake verification requests to intercept one-time codes or bypass security mechanisms, enabling unauthorized access to cloud storage and confidential company data in Microsoft 365.

Cybersecurity experts note that Helix attacks focus on organizations with insufficiently protected authentication systems. To counter this threat, they recommend deploying modern MFA solutions, such as hardware tokens, and enhancing monitoring of suspicious activities in corporate networks.

Additionally, regular employee training is crucial to help them recognize phishing and vishing attempts. Special attention should be given to verifying the authenticity of access confirmation requests, especially if they come through non-standard communication channels.

Common questions

What is vishing, and how is it used in Helix attacks?
Vishing is a form of phishing that uses voice calls to deceive victims. Helix leverages it to trick employees into revealing credentials or authentication codes, gaining access to corporate systems.
What methods does Helix use to bypass MFA?
The group exploits MFA implementation flaws, such as phishing one-time codes or session hijacking, allowing attackers to bypass additional security layers and access data.
How can SharePoint be protected from Helix attacks?
Implement strict authentication policies, use modern MFA solutions like hardware tokens, and conduct regular employee training to recognize phishing attempts.
Share:

Dzen feed: /feed/dzen.xml · RSS: /feed.xml

Why trust this

Prepared by the V-Help editorial team from the primary source with a published date.

Published by: V-Help.ru news desk

Source: BleepingComputer