Hope everyone had a nice holiday #NFTartist.
Some have asked me a question over the weekend about how threat actors are able to bypass 2FA.
π
Some have asked me a question over the weekend about how threat actors are able to bypass 2FA.
π
Man-in-the-Middle phishing toolkits:
Session Hijacking
Session Hijacking
Userβs authentication cookies:
Files created inside a web browser once the user has logged into an account after the 2FA process was completed.
Files created inside a web browser once the user has logged into an account after the 2FA process was completed.
So services such as email providers, social media: #Discord, gaming: #twitch, and #Twitter have more relaxed rules around user login sessions.
Once the threat actor obtains these files, it can grant the attackers a more stable and undetectable way of accessing an account.
These advanced phishing kits use reverse proxies:
1. Traffic between the victim
2. The phishing site
3. The real service (discord, or anyone who uses 2FA)
Eavesdrop on the communication between two targets.
1. Traffic between the victim
2. The phishing site
3. The real service (discord, or anyone who uses 2FA)
Eavesdrop on the communication between two targets.
Users are logged into a real site (so imagine just logging into discord or Twitter or some other site that uses 2FA) and traffic goes through the reverse proxy system, the threat actor can also get a copy of the authentication cookie.
Ways of attack reduction #NFTCommunity:
1. Have situation awareness of your browsing practices and recognizing potentially harmful websites
2. Strong wifi access points: encryption on access points (http vs https for example).
3. Change wifi and router passwords
#NFTs #NFT
1. Have situation awareness of your browsing practices and recognizing potentially harmful websites
2. Strong wifi access points: encryption on access points (http vs https for example).
3. Change wifi and router passwords
#NFTs #NFT
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
