Hackers are getting better at defeating 2FA security


Image for an article titled Hackers Get Better and Better in Defeating Your 2FA Security

Photography: DANIEL MIHAILESCU / AFP (Getty Images)

Two-factor authentication, or 2FA, is sold to web users as one of the most important and reliable tools to secure your digital life. You probably know how does it work: By giving an account not only with your password, but also with secondary information (usually automated code sent to your phone or device of your choice), companies can confirm that the one signing in to your account is definitely you, not just some successful jerk access your personal information.

However, according to new research, the aforementioned bullies have unfortunately found a number of effective ways to circumvent your 2FA protection – and are increasingly using these methods.

The study, published by academic researchers from Stony Brook University and cybersecurity firm Palo Alto Networks, shows the recent discovery of a set of identity theft tools used to go through authentication protection. Tool kits are malicious software programs that are designed to help with cyber attacks. They were designed by criminals and are usually sold and distributed on dark web forums, where any digital malicious person can buy and use them. The Stony Brook study, originally reported by Record, shows that these malicious programs are used for identity theft and 2FA login credentials from users of large online websites. They are also exploding in use – with researchers finding a total of at least 1,200 different tools floating in the digital underworld.

Admittedly, cyber attacks that can defeat 2FA are not new, but the distribution of these malware shows that they are becoming more sophisticated and increasingly used.

Toolkits win by stealing 2FA by stealing something probably more valuable than your password: your 2FA authentication cookies, which are files that are stored in your web browser when the authentication process takes place.

According to the study, said cookies can be stolen one of two ways: A hacker can infect a victim’s computer with data-stealing malware, or, they can steal the cookies in-transit—along with your password—before they ever reach the site that is trying to authenticate you. This is done by phishing the victim and capturing their web traffic through a Man -in the middle a stylistic attack that redirects the Traffic to the identity theft site and related reverse proxy server. This way, the attacker can enter between you and the website you are trying to log in to – thus capturing all the information that passes between the two of you.

Once a hacker quietly hijacks your traffic and grabs those cookies, he can enjoy access to your account as long as the cookie lasts. In some cases – such as social media accounts – it could take a long time, Notes in the Record.

It’s all a bit awkward, because in recent years it’s been 2FA broadly speaking as an effective method of verifying the identity and security of accounts. Again, recent studies have also shown that a lot of people don’t even bother with the adoption of 2FA in the first place, which, if true, means we probably have bigger fish to fry in the web security department.


Source link

Leave a Comment