Tag: 2fa

New phishing attack steals your Instagram backup codes to bypass 2FA
News

New phishing attack steals your Instagram backup codes to bypass 2FA

A recent phishing attempt posesing as a "copyright infringement" email aims to obtain Instagram users' backup codes so that hackers can disable the two-factor verification set up on the account. As a security measure, two-factor authentication asks users to provide an extra form of identification when they log into their accounts. Typically, hardware security keys, codes from an authentication app, or one-time passcodes sent via SMS text message are used for this verification. By requiring access to your email or mobile device for the threat actor to gain access to your protected account, 2FA helps safeguard your accounts in the event that your credentials read more New phishing attack steals your Instagram backup codes to bypass 2FA. Get up to date on the latest cybersecurity ne...
Google Fi hack victim had Coinbase, 2FA app hijacked by hackers
Risk, Security

Google Fi hack victim had Coinbase, 2FA app hijacked by hackers

A technologist going by the handle regexer received an email from Coinbase on January 1 confirming that he had successfully reset his account. Unfortunately, and this is concerning, he had not in fact asked for a password reset.  Regexer instantly noticed he was being hacked and tried unsuccessfully to log into his Coinbase to restore control. Regexer asked to be referred to by his online alias out of concern that he might be attacked by hackers once more. He soon discovered he had lost cell phone coverage. Then, he received a notification from his two-factor app, Authy, saying that a new device ha...
Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
News

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials

A new, specifically targeted phishing campaign has focused on the Kavach two-factor authentication system, which is utilised by Indian government employees. The activity was called STEPPY#KAVACH by the cybersecurity company Securonix, which attributed it to the threat actor SideCopy based on tactical similarities to other operations. In a recent report, Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov stated that ".LNK files are used to commence code execution which finally downloads and runs a malicious C# payload, which operates as a remote access trojan (RAT)". According to reports, the hacking group SideCopy, which has been active at least since 2019, has connections to Transparent Tribe, another actor (aka APT36 or Mythic Leopard) read the complete article Kav...