2 years ago

It was only a matter of time. While multifactor authentication (MFA) makes logging into systems safer, it doesn’t make it “safe.” As well-known hacker https://www.linkedin.com/in/kevinmitnick/ of https://www.knowbe4.com/, showed in 2018 it’s easy to https://techcrunch.com/2018/05/10/hacker-kevin-mitnick-shows-how-to-bypass-2fa/ for a given site.

In these kits, however, the same technology is used to run local https://en.wikipedia.org/wiki/Man-in-the-middle_attack attacks to steal credentials and session cookies.

What this “new kind of kit” brings to the table is a malware-planted MitM transparent reverse proxy.