
Communications of the ACM

ACM TechNews

Chinese Hacker Group Caught Bypassing 2FA



Dutch cybersecurity firm Fox-IT said in a report that a hacker group associated with the Chinese government has been bypassing two-factor authentication (2FA) in a recent series of attacks. 

The chief targets of the recent attacks by the APT20 group, which is believed to operate at the behest of China's government, were government entities and managed service providers in fields including aviation, healthcare, finance, insurance, and energy. The Fox-IT analysts said the group used Web servers as the initial point of intrusion, with special emphasis on the JBoss enterprise application platform often found in large corporate and government networks.

The analysts determined that the hackers connected to virtual private networks protected by 2FA. Their theory is that the group stole an RSA SecurID software token from a hacked system, then used the token on its own computers to produce valid one-time codes and bypass 2FA at will.

From ZDNet 

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 
