Attackers Exploit Windows Phone Link to Deploy RAT and Bypass 2FA

Attackers are exploiting Windows Phone Link, a feature bridging PCs and smartphones, to deploy the CloudZ remote access trojan (RAT) and a new plug-in called Pheno. These hard-to-detect attacks enable threat actors to hijack the connection, steal text messages, and bypass two-factor authentication (2FA). No specific threat actor groups, dates, or CVE identifiers were mentioned in the reported activity. The attacks target the Windows-based functionality linking mobile devices to desktops, though no geographic or organizational scope was specified. The primary impact includes unauthorized access to sensitive communications and circumvention of security controls like 2FA.