Two-factor authentication phishing from Iran

The Daily Beast reports: Iranian hackers have now found a way to get around Google’s two-step verification system and infiltrate GMail’s most elaborate consumer security system, according to a new report.

The Citizen Lab’s John Scott-Railton and Katie Kleemola outlined a few new ways that Iranian hackers can compromise the accounts of political dissidents, or even everyday citizens.

“Their targets are political, and include Iranian activists, and even a director at the Electronic Frontier Foundation,” said Scott-Railton in an email, referring to the digital rights organization. “In some cases they even pretend to be Reuters journalists calling to set up interviews.”

The report says attacks on political targets are new. But the methodology of the hack has been going on for years, especially as reliance on so-called “two-factor authentication” — using something in addition to a password to get into your account — has gone up. [Continue reading…]

Print Friendly, PDF & Email