Super Saiyan of Security. Hacker and Threat Analyst. Rookie Sleuth. See Section 10 of the Public Report
Surprise
There are various articles recounting the ~$6M haul from Inferno Drainer. Who knew a message to Scam Sniffer would turn to this tweet below? For a few days I have seen “security enthusiast 0xSaiyanGod” quoted on twitter and media platforms as the one who shed light on “Mr.Inferno”. I want to first credit other researchers who have worked to help victims and bring awareness to security. While I was not surprised to see Mr. Inferno, the intent was to inform, not yet determined why inferno was t...
Inferno Drainer, Injected through malicious Browser Extension
Today we chat about “Mr. Inferno” vs Blur.io. Drainers and another evolution. If you are unfamiliar with “wallet drainers”, I will briefly introduce the topic. In this article, I dismissed some implied credit for research into Inferno Drainer but here I am with some of my own ideas. Last night, I found a browser extension that can be attributed to Inferno or one of his many customers. I will not share the extension to avoid encouraging users to “test it”. There was a victim who “accidentally”...
Inferno Drainer: The Evolution of a Wallet Draining Threat and a Final Goodbye
Inferno Drainer: A history In the ever-evolving world of cybercrime, few threats have shaken the Web3 community as much as Inferno Drainer. First identified in early 2023 by prominent blockchain security firms and researchers like myself, Inferno Drainer rose to infamy by targeting crypto wallets using a combination of social engineering, phishing tactics, and obfuscated malicious code to deter researchers like myself. After a brief retirement in late 2023, Inferno resurfaced in May 2024, con...
The Rise of Bypassing 2FA/MFA
The world of cybersecurity is always evolving. Having a 2-Factor/Multi-Factor Authentication method was usually enough to thwart attackers from gaining access to your valuables. In the past few weeks, one specific authentication method has come under attack. Let’s start with the Stellar Twitter account. It was compromised by a SIM Swap. Pausing for the new readers: a SIM Swap happens when someone is able to impersonate you and transfer your number to a device owned by them. This could happen over the phone or in person at the store. You may not notice if you are chilling on Wi-Fi and using iMessage. Now that you understand this quick attack, I can explain how this all happens.
When you signed up for Twitter in the past few years, a phone number was likely required. If you keep up with any cybersecurity updates, you will have been urged or forced to use your phone number for MFA on most accounts you own, Twitter included. Things have changed. Malicious actors can now use your phone number to steal your social media and other important accounts. After you are SIM Swapped, all available logins are almost immediately compromised. Your number will be used to log in, verify as you, and change any methods you might have used to attempt recovery. That is the standard goal of swapping the number. SMS-based authentication methods have been advised against for this reason.
SIM Swap to Steal Twitter Account
A wave of attacks on Twitter has had one user failure in common. Why are we blaming the victims? They need help and support! They also need to use an Authenticator App instead of SMS-based 2FA/MFA. Accounts are being compromised and used to post phishing links. Phishing is simply the attempt by hackers or any actor to solicit information from you via email, phone, or even in person. The most common phishing attacks were emails before links could be shared en masse on media platforms. Now, phishing comes via SMS, email, impersonation calls and on your social media timeline. A familiar topic, Wallet Drainers, is at the heart of this. Pink Drainer customers have been behind many of these, but other drainer customers are likely to join in, given how profitable it is to use high-profile accounts to post links.
Twitter Blue allows you to use a phone number, but the option was said to be unavailable to non-subscribers. This is where interesting things begin. It would appear users were encouraged to subscribe to be allowed to use their SMS login. I advise users to take one extra step after setting up an account on an app you may be about to lose: install an app like Authy. Use an Authentication App!! The risk of losing your device still exists, but a SIM swap can be stopped in most cases if your 2FA method is not the stolen number. A rare case will be revealed soon.
Lesson of today: stop using SMS, and be very careful with email. It might be time to cycle your passwords and make the change from SMS to Authentication Apps. Actually, it is. DO IT!
0xSaiyanGod