A pentest tool walked into a cloud tenant and said, “I swear, I’m just here for research.” But as the latest findings reveal, the tool in question, TeamFiltration, has found itself repurposed for much shadier business.
Originally crafted by researcher Melvin Langvik and unveiled at DEF CON 30, TeamFiltration was meant to help ethical hackers test Microsoft Entra ID (formerly Azure AD). Fast forward to 2025, and it’s now the star of an account takeover (ATO) campaign dubbed UNK_SneakyStrike—because apparently, one sneaky threat actor is all it takes to cause chaos across 100 cloud tenants and target 80,000+ user accounts.
How the Attack Works
UNK_SneakyStrike isn’t just throwing spaghetti at the cloud wall; it’s using TeamFiltration to strategically spray passwords and enumerate accounts through the Microsoft Teams APIs. With a little help from AWS (yes, attackers have cloud infrastructure too), the framework rotates source IPs by region, so each login attempt looks like a casual visit from a different corner of the globe.
Once inside? It’s open season on conditional access misconfigs. Langvik himself admitted that during a legitimate engagement, MFA was enabled on everything… except Teams. One gap, one foothold, one oops—access granted.
And if that wasn’t enough, the attackers are also leveraging Microsoft’s "family refresh tokens" (FRTs) to pivot inside the Entra ecosystem, minting access tokens like it's free candy. That’s how they get persistent access—without triggering alarm bells.
Data Exfil, at Scale
Once TeamFiltration lands a valid login, it shifts into high gear:
• Chat logs? Stolen.
• Attachments? Gone.
• Contacts? Consider them scraped.
Langvik called this the "bread and butter" of the tool—and with good reason. The framework automates exfiltration as if it were built to be a full-time archivist for cybercriminals.
The Fallout of December 2024
The activity peaked around January 2025, as UNK_SneakyStrike hit the gas. The campaign’s targeting is clever:
- In small tenants: go after everyone.
- In larger tenants: cherry-pick juicy users.
It’s smart. It’s aggressive. And it’s making pentest tools look bad.
Why This Matters
The takeaway? Even “legit” tools can turn rogue when they fall into the wrong hands. TeamFiltration’s cloud-native, API-friendly approach makes it harder to detect than your average brute-force script. It blends in, like a wolf in enterprise collaboration clothing.
What You Should Do
Enable MFA on everything, not just the obvious apps.
Review conditional access policies like your cloud depends on it (because it does).
Use behavioral analytics to detect weird logins that look normal.
Stay threat-informed. Tools like TeamFiltration aren't the last of their kind.
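One way to turn the "behavioral analytics" advice into a concrete check, as an added example that is not code from this post, from TeamFiltration or from any vendor: it assumes sign-in logs already normalised into (time, user, ip, country, app, result, mfa) tuples (a hypothetical schema) and flags failed sign-ins to one app that hit many distinct accounts from many countries inside a short window, i.e. a spray with regional IP rotation, then any MFA-less success into that same app, which is the "MFA on everything except Teams" gap described above. The sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-ins (hypothetical schema, not real log data): many
# accounts, one app, failures from rotating regional IPs, then a success
# without MFA on the same app, plus one unrelated MFA-backed Outlook login.
SAMPLE_LOGS = [
    ("2025-01-10T08:00:00", "alice@corp.example", "203.0.113.10", "US", "Teams", "fail", False),
    ("2025-01-10T08:00:20", "bob@corp.example", "198.51.100.7", "DE", "Teams", "fail", False),
    ("2025-01-10T08:00:45", "carol@corp.example", "192.0.2.33", "JP", "Teams", "fail", False),
    ("2025-01-10T08:01:10", "dave@corp.example", "203.0.113.77", "BR", "Teams", "fail", False),
    ("2025-01-10T08:01:30", "erin@corp.example", "198.51.100.9", "AU", "Teams", "fail", False),
    ("2025-01-10T08:02:00", "frank@corp.example", "192.0.2.99", "IN", "Teams", "success", False),
    ("2025-01-10T09:30:00", "alice@corp.example", "203.0.113.10", "US", "Outlook", "success", True),
]
FIELDS = ("time", "user", "ip", "country", "app", "result", "mfa")

def parse(rows):
    """Turn the tuples into dicts keyed by FIELDS."""
    return [dict(zip(FIELDS, r)) for r in rows]

def detect_spray(events, window=timedelta(minutes=10), min_users=5, min_countries=3):
    """Alert when failed sign-ins to one app hit >= min_users distinct accounts
    from >= min_countries countries inside `window` (spray + IP rotation)."""
    alerts = []
    fails = sorted((e for e in events if e["result"] == "fail"), key=lambda e: e["time"])
    by_app = defaultdict(list)
    for e in fails:
        by_app[e["app"]].append(e)
    for app, evs in by_app.items():
        for i, start in enumerate(evs):
            t0 = datetime.fromisoformat(start["time"])
            cluster = [e for e in evs[i:] if datetime.fromisoformat(e["time"]) - t0 <= window]
            users = {e["user"] for e in cluster}
            countries = {e["country"] for e in cluster}
            if len(users) >= min_users and len(countries) >= min_countries:
                alerts.append({"app": app, "start": start["time"], "users": len(users),
                               "countries": sorted(countries)})
                break  # one alert per app is enough; later windows overlap this one
    return alerts

def detect_mfa_gap(events, sprayed_apps):
    """Successful sign-ins without MFA into an app that was just sprayed."""
    return [e for e in events
            if e["app"] in sprayed_apps and e["result"] == "success" and not e["mfa"]]

def run(rows=SAMPLE_LOGS):
    events = parse(rows)
    sprays = detect_spray(events)
    gaps = detect_mfa_gap(events, {a["app"] for a in sprays})
    return sprays, gaps
```

Tune `window`, `min_users` and `min_countries` to the tenant's normal sign-in spread; a global workforce legitimately logs in from many countries, so the distinct-account failure count does the real work.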
TeamFiltration may have been built for defense, but as UNK_SneakyStrike shows, it’s now playing offense, and it’s doing it very well.