Hackers Find New Way To Bypass Two-Factor Authentication


Information column from Morocco World News:

Cybersecurity researchers have issued a warning about a new method hackers are using to bypass two-factor authentication, a security measure long considered a strong safeguard for online accounts. This technique doesn’t involve guessing codes or infiltrating phones, but rather targets session cookies, small files stored by browsers after users log in.

These cookies serve as verification, indicating to a website that a user has already been authenticated. If a hacker obtains this cookie, they can gain unauthorized access to an account without needing the password or two-factor code. This type of attack is becoming increasingly common, thanks to a phishing tool called Evilginx, which lets hackers discreetly position themselves between users and the websites they are trying to access, without arousing suspicion.

The attack typically begins with a link, often sent via email, text message, or social media, leading to a login page that appears normal. Despite the familiar design and convincing address, the hacker’s server secretly captures the session cookie created at that moment. By copying this cookie, the attacker can gain full access to the account, allowing them to read emails, change settings, access personal data, or transfer funds, depending on the service.

This unauthorized access persists until the session expires or is manually terminated.
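On the defensive side, a service can look for a session cookie that is later presented by a different client than the one that logged in, and end that session early. The sketch below is an added example, not part of the original article: the log format, field names and the "/24 network changed" heuristic are assumptions, and the sample log lines are constructed.

```python
import ipaddress
import re

# Constructed sample access-log lines (assumed format); IPs are documentation ranges.
SAMPLE_LOG = """\
2025-01-10T09:00:00Z event=login sid=a1 user=alice ip=198.51.100.7 ua="Firefox/128"
2025-01-10T09:05:00Z event=request sid=a1 user=alice ip=198.51.100.9 ua="Firefox/128"
2025-01-10T09:06:00Z event=request sid=a1 user=alice ip=203.0.113.50 ua="Chrome/126"
2025-01-10T09:10:00Z event=login sid=b2 user=bob ip=192.0.2.20 ua="Safari/17"
2025-01-10T09:40:00Z event=request sid=b2 user=bob ip=192.0.2.77 ua="Safari/17"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) event=(?P<event>\w+) sid=(?P<sid>\S+) user=(?P<user>\S+) '
    r'ip=(?P<ip>\S+) ua="(?P<ua>[^"]*)"$'
)

def network_of(ip, prefix=24):
    """Coarse client location: the /24 network containing the address."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def find_replayed_sessions(log_text):
    """Return {sid: finding} for sessions used from another network than at login."""
    baseline = {}   # sid -> (network, user agent) recorded when the session was issued
    findings = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at their content
        sid, net, ua = m["sid"], network_of(m["ip"]), m["ua"]
        if m["event"] == "login":
            baseline[sid] = (net, ua)
        elif sid in baseline and sid not in findings:
            base_net, base_ua = baseline[sid]
            if net != base_net:
                findings[sid] = {
                    "user": m["user"], "first_seen": m["ts"], "ip": m["ip"],
                    # A changed browser on top of a changed network is the stronger signal.
                    "severity": "high" if ua != base_ua else "review",
                }
    return findings

if __name__ == "__main__":
    for sid, finding in find_replayed_sessions(SAMPLE_LOG).items():
        print(f"revoke session {sid}: {finding}")
```

Flagged sessions would be candidates for forced sign-out and re-authentication; users who legitimately change networks mid-session will also trigger the "review" tier.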

Mohammedia – Two-factor authentication has long been sold as a strong safety net for online accounts.
