cybersecurityphishingMicrosoft 365Small and Medium BusinessesCanada

ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit

July 3, 2026

Back to all posts

Source: BleepingComputer

In a significant development, the infamous cybercrime group EvilCorp has inadvertently exposed their Microsoft 365 phishing toolkit named EvilTokens via ARToken PhaaS (Phishing-as-a-Service). The leak occurred when EvilCorp accidentally made the toolkit's source code available on a public GitHub repository. This incident highlights the increased risk of cyber attacks targeting Canadian SMBs, as phishing remains one of the most prevalent methods used by hackers to gain access to sensitive data. To protect their businesses, Canadian SMB owners and IT managers should prioritize regular security audits, employee training on recognizing phishing attempts, and implementing multi-factor authentication for all critical systems, particularly Microsoft 365 accounts.
cybersecurityphishingMicrosoft 365Small and Medium BusinessesCanada

Concerned about this threat to your business?

We help Canadian SMBs deploy the controls discussed in this article. Free 30-minute assessment — no obligation.

Book a free assessment