Summary:

?A security researcher recently revealed that a large database containing company two-step verification codes was publicly exposed.

?The data relates to a service used by Google, Meta and TikTok to send text messages containing verification codes to verify a user's identity as quickly as possible. .

?These two-factor authentications present many forms of crime, from hacking into a person's iCloud to stealing their phone number to bypassing encryption.

A security researcher has discovered an unprotected database that managed access to the services of some of the world's largest tech companies. The database belongs to a short message service (SMS) routing operator responsible for sending two-factor authentication (2FA) codes to users of Meta, Google and possibly crypto companies.

Researcher Anurag Sen discovered that the company's YX International database was not password protected on the public Internet. Anyone who knows the public Internet Protocol (IP) address can view the data.

Users affected by two-factor authentication breach

YX International sends security codes to users who log into the Meta, Google and TikTok platforms. The company ensures that users' messages are delivered quickly through global mobile networks. The messages it sends include security codes that form part of the two-factor authentication schemes used by many large companies to protect user accounts.

Some service providers, such as Google, can verify the user's authenticity by sending an SMS code after entering a password. Other authentication options include generating a string of codes from the authentication application to supplement the password.

While two-factor authentication is designed to improve security, it's not a magic bullet. As a result, crypto exchange Coinbase warns that 2FA is a minimum security measure, but not absolutely secure. Hackers may still find a way to steal funds from crypto wallets.

Coinbase stated:

"While 2FA is designed to increase security, it is not foolproof. Hackers who obtain two-factor authentication can still gain unauthorized access to accounts. Common methods include phishing attacks, account recovery procedures, and malware. Hackers It is also possible to intercept text messages used in 2FA."

Criminals are using these methods to bypass 2FA

Last year, reports emerged about how criminals were bypassing 2FA on Apple devices. Hackers can access Apple's cloud platform iCloud and replace a user's phone number with their own. This scheme compromises funds held in crypto wallet apps on Apple devices, as some apps may send verification codes to compromised phone numbers.

Criminals can also use SIM swapping to conduct two-step verification crypto scams. In this attack method, criminals convince mobile carriers such as AT&T or Verizon to transfer phone numbers from the rightful owner to the fraudster's name. The criminal then only needs one more piece of information to gain access to the self-hosted wallet app that actually has the phone number.

In light of the surge in quantum technology, Apple recently improved the security of its Secure Enclave hardware device embedded in iPhones. Post-quantum encryption schemes create new keys every time a malicious actor compromises an old key.

This feature can help crypto wallet developers improve their customers’ crypto security by storing critical information in Secure Enclave. So far, at least one provider has used Secure Enclave to grant access to its wallet app.

Reporters contacted Binance and Coinbase, the world’s largest cryptocurrency exchanges, to find out whether the XY International data breach affected their users. Neither company responded by the time of publication.#安全漏洞 #2FA

熱點： LED TO TWO