Skip to main content

Here Is How Hackers Bypass Google’s Two-Factor Authentication

Here Is How Hackers Bypass Google’s Two-Factor Authentication
  

Here Is How Hackers Bypass Google’s Two-Factor Authentication

By on Security news, Technology

Hackers Bypass Google’s Two-Factor Authentication By Taking Social Engineering To A New level

You may have read reports of Gmail accounts being hacked despite the user having enabled the famed Google 2FA or two-factor authentication. This is because hackers are employing a new strategy to lure gullible users to hand over the 2FA code.
Some people can be tricked into disclosing their two-factor authentication code to criminals, as there is a new sly trick that makes them think that are in fact protecting their accounts while doing so.
Two-factor authentication (referred 2FA) is an important safety measure current mainstream of online services, from banks to Google, Facebook, and government agencies who have gradually adopted the security measures. In the two-factor authentication to protect the account needs to log operation when you need to enter a verification code to send SMS text messages, or even enter the correct password will be blocked by the system.
The login is classified as a hacking attempt, if the user doesn’t enter the code quickly, and the user is blocked from accessing the account, even if they entered the correct password.
Alex MacCaw, co-founder of Clearbit.com, tweeted out the image of an SMS he had just received on his Twitter. Anonymous attacker sent a phase MacCaw posing Google’s SMS messaging, message reads as follows:
“(Google™ Notification) We recently noticed a suspicious sign-in attempt to jschnei4@gmail.com from IP address 136.91.38.203 (Vacaville, CA). If you did not sign-in from this location and would like to lock your account temporarily, please reply to this alert with the 6-digit verification code you will receive momentarily. If you did authorize this sign-in attempt, please ignore this alert.”
Mainly, the attackers were mentally preparing the victim to receive the 2FA verification code, in order to facilitate the following illegal login attempt they were about to perform. The criminals were going to access MacCaw’s account, and when his 2FA system would commence, MacCaw would act to lock his account by sending the “verification code to Google.” In fact, MacCaw would be sending the 2FA code to the criminal, who would then enter it in the login page and access his account, with his help.
Thankfully, MacCaw was able to detect their strategies and didn’t fall for this new type of social engineering hoax. However, if you are a Gmail user, you should take precautions and not fall for these new tricks being used by hackers to gain access into your Gmail and Google accounts.

Popular posts from this blog

Hidden Wiki

Welcome to The Hidden WikiNew hidden wiki url 2015 http://zqktlwi4fecvo6ri.onion Add it to bookmarks and spread it!!!
Editor's picks Bored? Pick a random page from the article index and replace one of these slots with it.
The Matrix - Very nice to read. How to Exit the Matrix - Learn how to Protect yourself and your rights, online and off. Verifying PGP signatures - A short and simple how-to guide. In Praise Of Hawala - Anonymous informal value transfer system. Volunteer Here are five different things that you can help us out with.
Plunder other hidden service lists for links and place them here! File the SnapBBSIndex links wherever they go. Set external links to HTTPS where available, good certificate, and same content. Care to start recording onionland's history? Check out Onionland's Museum Perform Dead Services Duties. Introduction PointsAhmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database). DuckDuckGo - A Hidden S…

[SOLVED] IDM WAS REGISTERED WITH A FAKE SERIAL NUMBER

[SOLVED] IDM WAS REGISTERED WITH A FAKE SERIAL NUMBER
Good News [May 08, 2015]: IDM developers got smarter, but the crackers are always a step ahead. Follow this article and send an email to uglyduckblog@gmail.com if you are desperate. I can NOT post any crack here for legal reasons. Happy Downloading with IDM. ;) *********** first tip is to use latest crack for idm from  onhax.net idm universal web crack and make sure u are using all latest vers I am sure many of us are too much dependent on Internet Download Manager a.k.a. IDM. The main reason didn’t permanently switch to linux was IDM. I mainly use it for batch downloading and download streaming videos. Till yesterday, IDM was working fine with me (of course with fake serial numbers, keygen, crack, patch etc. which could be found with little effort). But few days ago, with the latest update version 6.18 build 7 (released on Nov 09, 2013) Internet Download Manager was literally had a breakthrough and crushed all the serial numbers, …

DoubleAgent Attack Turns Your Antivirus Into Malware And Hijacks Your PC



Short Bytes: Cybellum security researchers have uncovered a new attack mechanism that can be used to take control of your antivirus and turn it into a malware. Called DoubleAgent, this attack exploits an old and undocumented vulnerability in Windows operating system. This Zero Day code injection technique affects all major antivirus vendors and has the power to hijack permissions. The security researchers from Cybellum have found a new technique that can be used by the cybercriminals to hijack your computer by injecting malicious code. This new Zero-Day attack can be used to take full control over all the major antivirus software. Instead of hiding from the antivirus, this attack takes control of the antivirus itself. Called DoubleAgent, this attack makes use of a 15-year-old legitimate feature of Windows (read vulnerability)–that’s why it can’t be patched. It affects all versions of Microsoft Windows. Cybellum blog mentions that this flaw is still unpatched by most antivirus v…