Hacker purged two-factor security just by automated phishing attacks

Surely many people still believe that protecting online accounts with two-factor authentication can be an effective way to fight hackers, but after the incident, we may need to think think! 2-factor security system is not as perfect as we thought. According to human rights group Amnesty International, an anonymous group of hackers easily broke through the two-factor security wall and cheated more than 1,000 people.

Specifically, this group on December 20 announced a report detailing phishing attacks, targeting journalists and activists in the Middle East and North Africa through the use of fake email and other login pages stealing information.

The goal behind these attacks is to trick victims into giving their Google and Yahoo accounts access to hackers, even if they have used two-factor authentication."What makes these attacks so complex and effective is the way they overthrow the digital security strategies that are applied to the goals, this is a stylistic process. Long-lasting beams, 'Amnesty International said in a report on the incident.

Hacker purged two-factor security just by automated phishing attacks Picture 1

If you don't already know, two-factor authentication is a security measure designed to protect your online accounts in case your password is stolen.It works like this: when you try to access your account, you not only have to enter your login information normally but also provide an extra special authentication code (one-time use). sent via my phone.

Unfortunately, the special codes generated by the two-factor authentication system are usually just a series of random numbers, and this is the critical weakness of this security method.The hacker's job will be to take over the authentication code.

Amnesty International said the group of hackers behind the attack targeted human rights activists have eliminated two-factor authentication by sending fake but very convincing security alerts, like from Google. or Yahoo.The alerts will assume that the victim's account may have been compromised and provide a link to the official login page for the user to reset the password."For most users, a reminder from big companies like Google about changing passwords is enough to convince them to follow, and hackers have captured and exploited this psychology of users. ", Amnesty International added.

Hacker purged two-factor security just by automated phishing attacks Picture 2

Hackers have created a rogue process to fraudulently steal both the victim's password and two-factor authentication code.This conclusion was made after Amnesty International investigated suspicious emails that the organization received from human rights activists and journalists.To check the attacks, they created a disposable Google account and then accessed one of the phishing emails.As a result, the phone number associated with that Google account has received an SMS containing a fake Google verification code, but looks very much like a valid code.

In addition, the organization investigated how hackers created phishing scams and found that the group of anonymous hackers unknowingly published an online directory they were using. used to store data about your attacks.

According to Claudio Guarnieri, a technology expert at Amnesty International, hackers who have basically built an 'automated pilot' system will launch Chrome and use it to automatically send the login details taken. Stealing from users to designated services, including two-step verification codes sent via SMS.

The automated information gathering process of hackers is very important because it allows them to enter the authentication code once to the actual Google or Yahoo login page, before the code expires.

Often, people who are interested in receiving two-factor authentication codes via SMS can also receive codes through authentication applications, not just SMS, and these codes are changed every few seconds.Amnesty International did not immediately answer the press question about whether this would affect applications, but an organization technician said that "the same approach could be used for code scams from 2FA applications like Google Authenticator ".

Hacker purged two-factor security just by automated phishing attacks Picture 3

This human rights organization still recommends that people apply two-factor authentication, but must also know that the system still has certain limitations, not perfect as people think, so don't be foolish. think that he is completely safe.For example, donor groups are fully equipped with resources as well as resources to create sophisticated scams to circumvent existing safeguards.In addition to phishing attacks, they may also try to infect malware for your PC to steal information.

"Individuals in sight and human rights defenders are often the target of phishing attacks and it is important that they are equipped with the right knowledge."

If you are willing to withdraw your wallet to cover more information security issues, you can also invest in security keys to protect your online accounts.They work by replacing the two-factor authentication process with a hardware-based device, and this device will need to be connected to your PC, thereby helping to log in to this account and account as well. will be better protected.The big plus of security keys is that it is difficult for hackers to steal, simply because it is a hardware device and to steal it, the attacker must personally come and get it from you.Not all online services support this form of security, but you can use it to protect your account on popular services like Google, Facebook, Dropbox and Twitter.

See more:

1. Warning: New extortion code GandCrab is attacking Vietnamese Internet users
2. Quora's question and answer page was attacked, causing 100 million users to leak personal information
3. The provisions of the Criminal Code relate to the field of information technology and telecommunications networks