Hackers are successfully attacking Gmail, Yahoo Mail and ProtonMail by beating two-factor authentication

The report advised users to move to hardware-based security tokens for privacy-conscious users to safeguard against such phishing attacks.

  • Published: December 21, 2018 12:21 PM IST
Hacker stock image

Cybersecurity is probably the primary segment that every internet user should be aware with if they want to safeguard themselves against any harm. The harm here may range from financial to personal data or identity. The world has progressively moved to the internet but not a whole lot of users are aware of how to protect themselves against hackers and other malicious elements online. Amidst this lack of awareness, the increasing number of hacking attacks on online services and websites is also a problem. Problem because here the precautions taken by the users may not matter if the company itself fails to protect the data from their end.

In all of this madness, a significant portion of the internet has gone ahead and embraced two-factor authentication, a technique also known as 2FA where users register their mobile number on the service and the company sends them an authentication code while asking for the account password. The way 2FA works is by double checking that you are the actual account holder who has access to her or his phone at almost all times. 2FA is considered one of the most reliable methods as it will also protect users even if the hackers get access to your password after hacking in the company.

Watch: OnePlus 6T – Warp Charge vs Dash Charge Compared

Though, what would you do when the hackers and malicious elements go about attacking your accounts and even managing to surpass and beat the 2FA system. But, it is not just a hypothetical situation as hackers are indeed beating the 2FA with the help of phishing attacks. According to a comprehensive report by Amnesty International, hackers are targeting internet users in the Middle East and North Africa with these attacks.

Though, beating 2FA is nothing new according to documents by NSA as noted by Motherboard Vice. But, this is one of the rare times where hackers are using phishing to first capture the username and password of the user, then make the 2FA request on behalf of the user and then ask the user to enter the authentication key to break into the account.

The report noted that the hackers have automated the process along with a fake login page for email services including Gmail, Yahoo, ProtonMail and more. This means that everything is carried out without the need to a hacker to oversee or do any manual work. The report noted that this means that bypassing 2FA is not limited to high-level hackers.

According to the report, hackers have attacked “more than a thousand Google and Yahoo accounts” in the region in the last two years. Some attacks even asked the users to enter their mobile number to confirm that data in order to request for the 2FA code. At the same time, the phishing tool also creates a separate password, usually an app password that will then allow third-party apps to have continued access to the account.

The report also noted that some hackers also used services such as ShuttleCloud to make a clone of Yahoo accounts under separate Gmail IDs that were under the control of the hackers. It also advised users to move to hardware-based security tokens for privacy-conscious users to safeguard against such phishing attacks.

  • Published Date: December 21, 2018 12:21 PM IST