Hackers get better at defeating 2FA Security

Image for the article titled Hackers are getting better and better at defeating your 2FA security

Photo: DANIEL MIHAILESCU / AFP (Getty Images)

Two-factor authentication, or 2FA, has been sold to web users as one of the most important and reliable tools to secure your digital life. You probably know that how it works: By providing an account with not only your password but also secondary information (typically an automatic code sent to your phone or device of your choice), companies can verify that the person logging in to your account completely surely you and not just a fat person have managed to get their hands on your personal information.

But according to new research, the said goons have unfortunately found a number of effective ways to circumvent your 2FA protections – and they are using these methods more and more.

That examination, published by academic researchers at Stony Brook University and cybersecurity firm Palo Alto Networks, shows the recent discovery of phishing toolkits being used to sneak past authentication protection. Tool set are malicious software programs designed to help with cyber attacks. They are developed by criminals and are typically sold and distributed on dark web forums where any digital dissatisfaction can buy and use them. The Stony Brook study, which was originally reported by Gramophone records, shows that these malicious programs are being used to phishe and steal 2FA login data from users of major online sites. They are also exploding in use – with scientists finding a total of at least 1,200 different toolkits floating around in the digital underworld.

Granted, cyberattacks that could defeat 2FA not new, but the distribution of these malicious programs shows that they are becoming both more sophisticated and more widespread.

The toolkits defeat 2FA by stealing something that is undoubtedly more valuable than your password: your 2FA authentication cookies, which are files that are stored in your web browser when the authentication process takes place.

According to the investigation, said cookies can be stolen in one of two ways: A hacker can infect a victim’s computer with data-stealing malware, or they can steal cookies Underway– along with your password – before they ever reach the site trying to authenticate you. This is done by phishing the victim and capturing their web traffic through one Man-in-the-middle style attack that redirects the-traffic to a phishing site and related reverse proxy server. This way, the attacker is able to get in between you and the site you are trying to log in to – thus capturing all the information that passes between the two of you.

After a hacker silently hijacks your traffic and grabs these cookies, they can enjoy access to your account for as long as the cookie lasts. In some cases – such as social media accounts – this can take quite a long time, The Record notes.

It’s all a bit of a bummer, because in recent years, 2FA has been broadly speaking as an effective method of identity verification and account security. So again, recent research has also shown that many people do not even bother with adopting 2FA in the first place, which, if true, means we probably have bigger fish to roast in the web security department.


Leave a Comment