Hackers targeting Multi Factor Authentication sophisticatedly

Cybersecurity researchers from Proofpoint have found that cyber crooks are easily see foxing users of Multifactor Authentication (MFA) these days by buying phishing kits that have the ability to bypass MFA.

Technically, MFA Phishing Kits rely on transparent reverse proxy, such as the open source Squid Transparent Proxy Server. The tech is generally used to filter content or keep a tab on employee activities on corporate networks. But threat actors are using such kits to launch man in the middle attacks and then steal session cookies or credentials.

According to a survey conducted by Duo, a company that offers technology linked to MFA, the year 2021 witnessed 78% of online users using a MFA, compared to twenty-eight percent in the year 2018.

As the technology is being used on a larger scale, it is becoming vulnerable to sophisticated attacks meant to steal credentials, such as passwords & usernames, MFA Tokens, social security numbers, bank card details and e-wallet logins.

The attack technique of hackers is simple- just send an email laced with malware planted MitM transparent reverse proxy and then gather all the credential details and internet session info as soon as the victim clicks the link.

After reading the article, you might get a feeling on how to proceed with Multi-factor Authentication and keep your online activity safe. Well, the only answer at this point is to use hardware authentication keys such as the Google Titan and Yubikey of Yubico. But again, there is trouble by opting for such solutions as well, and we will discuss them in the next article.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display