Market News- Coinbase, Microsoft, and Europol shut down the Tycoon 2FA phishing network used to bypass account security.
- The platform sent millions of phishing emails and targeted nearly 100,000 organizations worldwide.
Coinbase has worked with Europol and Microsoft to shut down the large phishing network called Tycoon 2FA. This operation has targeted the platform that allied criminals use to bypass the security protection and gain access to the online accounts. Authorities say that the platform has been active since 2023.
𝗛𝗼𝘄 𝗶𝘁 𝘀𝘁𝗮𝗿𝘁𝗲𝗱:
Criminal organization Tycoon 2FA was offering a phishing-as-a-service platform.𝗛𝗼𝘄 𝗶𝘁’𝘀 𝗴𝗼𝗶𝗻𝗴:
Coinbase partnered with Microsoft & law enforcement to trace payments, identify Tycoon’s administrator, and coordinate a service disruption. pic.twitter.com/G2YTaBzLZh— Coinbase 🛡️ (@coinbase) March 4, 2026
How Investigators Traced
According to Coinbase, investigators were able to trace the blockchain transactions connected to the Tycoon 2FA and helped law enforcement identify the suspected administrator of the service, as well as several users who purchased access to the platforms. The company added that it will continue working with the authorities to identify more individuals who used the phishing tools.
Tycoon 2FA worked as a subscription-based toolkit that hackers and criminals could pay for to access and use the tools to launch phishing attacks. This platform allows attackers to send fake emails and collect login details from users, which can intercept authentication sessions. This system could steal session cookies, which allowed hackers to enter accounts without triggering security alerts.
Investigators say that these phishing networks have generated tens of millions of phishing emails every month and attracted nearly 100,000 organizations worldwide. Victims mostly included schools, hospitals, companies, and government institutions. The platform was responsible for about 62% of phishing attacks blocked by the Microsoft security systems.
However, the phishing attack has decreased to 83% in 2025 when compared to the previous years, but the fear remains the same. Security researchers say that attackers are now using more advanced methods, which include smart contract exploits and signature-based scams. The shutdown of the Tycconn 2FA platform marks a major step in cybercrime. Experts are still warning about phishing attacks.
Highlighted Crypto News:
From Bear Trap to Breakout? Ethereum (ETH) Tests a Crucial Momentum Shift After a 7% Jump