Chinese Hackers Find a Way to Bypass Two Factor Authentication

Two-factor authentication requires users to verify themselves through two different authentications to better secure their accounts and privacy. It is a commonly used and recommended security protocol as it adds an additional layer of security, making it more difficult to compromise.

However, a group of hackers (APT20) has managed to bypass 2FA in attacks against industry targets.

These cyberattacks targeted multiple countries including Brazil, America, England, China, Spain, Italy, Germany, Portugal, Mexico, and France where the primary targets were healthcare, finance, insurance, and aviation companies.


ALSO READ

Critical Vulnerability in Twitter Could Let Hackers Take Over Your Phone


In one of APT20’s attacks, the group successfully breached an unnamed company’s highly secured 2FA protocol and obtained software tokens to generate legitimate software license keys at will.

They used web servers in combination with VPNs as an initial point of entry to cover their tracks. They made use of already existing hardware tools on the target system instead of using customized malware as well. This is how the attack managed to stay undetected for a long time since using malware would’ve immediately flagged their activity.


ALSO READ

PTA Approaches Whatsapp, Demands Explanation on Hacking Incidents


However, while 2FA getting compromised is indeed concerning news, it is a highly sophisticated process that is relatively rare. Thus, this is no reason to stop using 2FA entirely especially since it is still one of the more robust security systems compared to the rest.


The PSL 2020 is almost here! Want to know everything about it? Visit the pages below (Live stream will be available when the matches begin).
PSL Live Streaming PSL Points Table | 2020 PSL Teams PSL 2020 Schedule PSL 2020 Highlights PSL 2020 Statistics


>