Monday, April 28, 2025
HomeComputer SecurityHackers can Bypass Two-Factor Authentication with Phishing Attack

Hackers can Bypass Two-Factor Authentication with Phishing Attack

Published on

SIEM as a Service

Follow Us on Google News

Two-factor authentication is an additional layer of security on top of the username and password. It makes it harder for attackers to gain access to personal devices or accounts.

KnowBe4 Cheif Hacking Officer Kevin Mitnick demonstrates the phishing attack with a fake email that pretends to be from Linkedin, but the email actually comes from the typosquatted domain llnked[.]com.

The attack looks simple: whenever a user receives a new connection request on LinkedIn, they will be notified with an email, By clickinginterested, they will be taken to the LinkedIn account.

- Advertisement - Google News

Instead of redirecting to Linkedin it redirects to the phishing domain llnked[.]com and asks to fill in the login credentials.

After entering credentials, it triggers the 2FA check, In the same period of time, the attacker can see the victim’s username, password, and session cookie in a separate window.

Once the victim enter’s the 6 digit authentication code, it creates a session cookie that allows secure access to the site.

In the meantime, an attacker can intercept the session cookie, which can be used by an attacker to log in with the victim’s account without entering account credentials.

Now the attacker needs to visit the real LinkedIn website, inject a session cookie via developer tools, and simply hit refresh to get logged in with the victim’s account.

It’s not the first time 2FA has been hacked, says Stu Sjouwerman, founder, and CEO of KnowBe4. “There are at least ten different ways to bypass two-factor authentication,” he explains in an interview with Dark Reading.

Sjouwerman says that anti-phishing education is really important if the victim is a security-savvy hacker like this, which is impossible to complete.

White hat hacker Kuba Gretzky developed the Advanced Phishing with Two-Factor Authentication Bypass tool dubbed Evilginx. He also published a blog post explaining it’s implementation.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

RansomHub Ransomware Deploys Malware to Breach Corporate Networks

The eSentire’s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging...

19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email

The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat...

FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023

The FBI’s Internet Crime Complaint Center (IC3) has reported a record-breaking loss of $16.6...

Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts

Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email

The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat...

“Power Parasites” Phishing Campaign Targets Energy Firms and Major Brands

Silent Push Threat Analysts have uncovered a widespread phishing and scam operation dubbed "Power...

Threat Actors Register Over 26,000 Domains Imitating Brands to Deceive Users

Researchers from Unit 42 have uncovered a massive wave of SMS phishing, or "smishing,"...