Simjacking – Hackers are getting around two factor authentication (2FA), be mindful that nothing is perfect. Some ways they are getting around 2FA is called Simjacking. After you enter your password, you receive a timebound code via call or SMS to process it. Phone-based is widely used in digital banking, social media account recovery, e-commerce, etc. A hacker will approach a carrier, impersonate the user, and switch the connection to a new SIM. When a request is entered, the hacker gets the login credentials on their SIM and redirects the request. This slightly primitive – but highly effective technique – is called Simjacking, and it recently compromised the social media access for Twitter CEO, Jack Dorsey. A group called Chuckling Squad gained access to Dorsey’s account for 15 minutes via Simjacking and was able to tweet a series of offensive remarks. I suggest putting secondary email triggers on account when anything is changed on said account. #Simjacking #hacking #2FA #twofactor #authenticating#bvatechnicalninja #security

Leave a Reply

Your email address will not be published. Required fields are marked *