The Fall of 2FA: New Form of Phishing Emerges
The dreaded day has come. The two-factor authentication is no longer a reliable safety mechanism for your account credentials.
All thanks to the new Modlishka tool.
Modlishka is a penetration testing tool developed by Polish researcher Piotr Duszyński. It is a modified reverse proxy capable of automating phishing attacks, slipping through 2FA, and impersonating the user.
In order for it to work, the victim needs to connect to Modlishka server which hosts a phishing domain. The server will act as the MITM and makes requests to the original site (the one the user intended on visiting) in order to impersonate it.
Modlishka also does not use templates, but instead loads and authentic content from the original website which makes the attack even more difficult to spot with a naked eye.
All the content the user is going to see will be authentic, except all of it is going to get recorded in Modlishka backend. Collected 2FA tokens can then be used to start a new legitimate session.
It is hard to estimate how much more successful phishing attacks will get if a tool like that becomes available to hackers.
One thing for sure, you can no longer rely solely on 2FA to protect your credentials.
To learn how to ensure robust protection of your business email, go to StealthMail.com and sign up for a free one-to-one consultation.