ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
The ARToken PhaaS platform functions as an affiliate of the EvilTokens toolkit, enabling attackers to execute Microsoft 365 account takeovers through device code phishing. This service automates business email compromise and grants unauthorized access to Outlook, SharePoint, and OneDrive by exploiting OAuth 2.0 authentication workflows.