News

Hackers even get around two-factor authentication

Hackers are getting better and better, and even two-factor authentication no longer worries them.

In order to fight against cyber attacks of all kinds, users are requested to implement 2FA, also known as two-factor authentication. The latter should make it possible to add a new layer of security to our most sensitive data and many digital companies are already offering this solution.

Today banking applications, but also social networks or even Gmail offer their users to use double authentication. For many it is presented as the miracle solution that reduces the risk of cyber attacks to zero. A view can be a little too optimistic about the situation.

Concretely, two-factor authentication requires the user to enter his password (first factor), but also a code which may have been received by email or more generally by SMS (second factor). The combination of the two must make it possible to be certain that the person who connects to an account is the one to whom the account belongs and not a third person with malicious ideas.

2FA: an option already outdated

Because in reality, this functionality could already be outdated. Indeed, more and more cybercriminals manage to bypass this data protection solution, and they easily break into our accounts to steal anything that may be of any value.

According to a study by researchers at Stony Brook University, more complex phishing solutions already exist to circumvent the problems posed by two-factor authentication to hackers.

The researchers speak of a “toolbox”. The latter would have been designed by hackers and have since been on sale on several popular sites of the web berk, spreading on the web like wildfire.

A “toolbox” that is wreaking havoc

According to the study 1200 different versions of these toolkits exist on the web berk, and all of them have their own specificity. Some allow you to focus on the codes received by SMS, which are the easiest to intercept, especially when the criminals already have the victim’s phone number in their possession.

If two-factor authentication is still the most secure solution today, these toolkits show that no defense will resist forever against the onslaught of hackers and other cybercriminals, ready to do anything or almost to put the hand over our personal data.

Related Articles

Leave a Reply

Your email address will not be published.