Hacking toolkits to bypass two-factor authentication actively selling on Dark Web






Two-factor authentication has become a must for anyone with an online presence these days. We see every digital platform touting it as the most important security step for your account. While the claim might put you at ease, know that there are established ways of getting around this security wall. Even more concerning is the fact that there is little to nothing that you can do to prevent these hacks.

Two-factor authentication is hailed as the epitome of online security because it employs two different levels of security codes. One is the password that you have set for your account, while the other is the randomly generated code that you receive (by text message or from a code generator) at the time of login (or whenever required). Since only you can know the random code, your account is presumably safe even if your password is compromised.

But hackers have found several ways over time to bypass this seemingly foolproof system. Initially, these ways relied on simple voice phishing to get the random code out of the account holder by duping him/her on some pretext. Now, these attempts at hacking 2FA have become more sophisticated.

A new study points out that they are also becoming increasingly common in the hacker community.

A study by researchers from Stony Brook University and cybersecurity firm Palo Alto Networks has found numerous “phishing toolkits” that can be used to hack 2FA setups. First spotted by The Record, the study also mentions that these toolkits are actively being sold on the dark web to anyone wanting to hack an account using them.

Bypassing Two-Factor Authentication

As noted in the study, researchers have managed to find over 1,200 phishing toolkits online. These toolkits contain malicious code that enables a hacker to launch sophisticated cyber attacks on a target. These attacks are specifically meant to steal 2FA authentication cookies from a system, thus allowing a hacker to bypass 2FA security.

This is done through what are called Man-in-the-Middle (MITM) attacks, wherein a hacker is able to redirect the traffic from a victim’s computer through a phishing site that employs a reverse proxy server. The attacks thus…
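A defensive illustration of the cookie theft described above, added here and not taken from the study or the article: a stolen session cookie tends to be presented later from a client context different from the one that completed 2FA, and a server can check for that. The event format, field names and sample log lines are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample events (not from the study): (event, session_id, ip, user_agent)
SAMPLE_EVENTS = [
    ("mfa_ok",  "s1", "198.51.100.7", "Mozilla/5.0 (Windows NT 10.0) Firefox/120.0"),
    ("request", "s1", "198.51.100.7", "Mozilla/5.0 (Windows NT 10.0) Firefox/120.0"),
    ("request", "s1", "203.0.113.44", "python-requests/2.31"),
    ("mfa_ok",  "s2", "192.0.2.10",   "Mozilla/5.0 (Macintosh) Safari/17.0"),
    ("request", "s2", "192.0.2.99",   "Mozilla/5.0 (Macintosh) Safari/17.0"),
    ("request", "s3", "192.0.2.50",   "curl/8.4"),
]

@dataclass(frozen=True)
class Alert:
    session_id: str
    reason: str
    severity: str

def detect_cookie_replay(events):
    """Return alerts for session cookies used outside the context that passed 2FA."""
    bound = {}   # session_id -> (ip, user_agent) recorded when 2FA succeeded
    alerts = []
    for event, sid, ip, ua in events:
        if event == "mfa_ok":
            bound[sid] = (ip, ua)
            continue
        if sid not in bound:
            # A cookie the server never issued through a 2FA login.
            alerts.append(Alert(sid, "cookie with no recorded 2FA login", "high"))
            continue
        orig_ip, orig_ua = bound[sid]
        changed = [name for name, was, now in
                   (("ip", orig_ip, ip), ("user_agent", orig_ua, ua)) if was != now]
        if changed:
            # An IP change alone is common on mobile networks; IP plus
            # user agent changing together is the stronger signal.
            severity = "high" if len(changed) == 2 else "low"
            alerts.append(Alert(sid, "changed: " + ",".join(changed), severity))
    return alerts

if __name__ == "__main__":
    for alert in detect_cookie_replay(SAMPLE_EVENTS):
        print(alert)
```

A context change is a signal to re-prompt for the second factor or end the session, not proof of theft, and it does not fire if the cookie is reused from the same context that logged in.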
