A Chinese hacking group believed to operate on behalf of the Beijing government has learned how to bypass two-factor authentication (2FA) in attacks on 10 governments and industry targets, ZDNet reported on Monday.
The group, known as APT20, has reportedly sought to compromise VPN credentials that would grant them heightened levels of access across their victims’ networks, according to ZDNet, citing a new report from Dutch cyber-security firm Fox-IT.
While bypassing 2FA is not unheard of, the sophistication required on the perpetrator’s part means such attacks are relatively rare. It’s not entirely clear how APT20 pulled it off. However, ZDNet reported on one theory:
They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA at will.
Normally, this wouldn’t be possible. To use one of these software tokens, the user would need to connect a physical (hardware) device to their computer. The device and the software token would then generate a valid 2FA code. If the device was missing, the RSA SecurID software would generate an error.
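To make concrete why a stolen software token defeats 2FA, here is an added example (not from the article, ZDNet or Fox-IT): an RFC 6238 TOTP generator, where whoever holds the seed produces identical codes, beside a hypothetical device-binding derivation that makes a seed file copied to another host produce invalid codes. RSA SecurID uses its own proprietary algorithm, so the TOTP stands in for the principle only; the seed and device identifiers are constructed values.

```python
import hashlib
import hmac
import struct

STEP = 30  # TOTP time step in seconds


def totp(key: bytes, unix_time: int, digits: int = 8) -> str:
    """RFC 6238 TOTP over HMAC-SHA1. The code depends only on `key` and the
    clock, so any host holding the same key produces the same code."""
    msg = struct.pack(">Q", int(unix_time) // STEP)
    mac = hmac.new(key, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def verify(server_key: bytes, code: str, unix_time: int, window: int = 1) -> bool:
    """Server-side check tolerating +/- `window` steps of clock drift."""
    for drift in range(-window, window + 1):
        if hmac.compare_digest(totp(server_key, unix_time + drift * STEP), code):
            return True
    return False


def bind_seed(seed: bytes, device_id: bytes) -> bytes:
    """Hypothetical device binding (illustrative, not RSA's mechanism): the
    working key mixes the enrolled seed with a host-specific identifier, so the
    seed alone is not enough to mint codes from a different host."""
    return hmac.new(device_id, seed, hashlib.sha256).digest()


# Constructed values: RFC 6238 test secret and two made-up host identifiers.
SEED = b"12345678901234567890"
VICTIM_ID = b"victim-laptop-serial"
ATTACKER_ID = b"other-host-serial"


def unbound_seed_accepted(unix_time: int) -> bool:
    """Scenario in the report: the server only knows the raw seed, so a code
    minted from a copied seed on any host is accepted."""
    return verify(SEED, totp(SEED, unix_time), unix_time)


def bound_seed_accepted_from_other_host(unix_time: int) -> bool:
    """With device binding the server holds the victim-bound key; a copied
    seed run on a different host yields a code that fails verification."""
    server_key = bind_seed(SEED, VICTIM_ID)
    foreign_code = totp(bind_seed(SEED, ATTACKER_ID), unix_time)
    return verify(server_key, foreign_code, unix_time)
```

The defender takeaway is that the seed, plus whatever binds it to a host, is the whole second factor: it needs the same protection and monitoring as a password database.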
***TRUMP IS DOING RIGHT TO HARASS CHINA, WHICH IS THE DARLING OF THE LEFTY RADICALS MARXIST LUNATICS***