A group of China-based hackers managed to circumvent “two-factor authentication”, a security method that is said to be highly reliable.
Recently, many developers and publishers, from online service providers to game studios, have begun to offer two-factor authentication as a security method. What users of this service commonly say is that this system can be used for a person’s account, system, smartphone, and so on, but that does not appear to be the case.
According to the information obtained, a group of Chinese hackers, APT20, was able to circumvent commonly used security methods without setting off any alarm. This cyber espionage operation has led to two-factor authentication systems being called into question.
There is currently no solution for this process:
To accomplish this hack, APT20 used what Fox-IT classified as Operation Wocao. The group had previously managed to hack web servers, but it has now changed focus and used RSA SecurID software that was stolen from an attacked account to bypass two-factor authentication methods. Simply put, the group used a modified key that was stolen from an attacked account to make its attacks appear valid to security systems.
With this method, APT20 was able to deceive other systems into showing valid results. Because two-factor authentication is based on different systems, once the group manages to hack one side, it can ensure that the other system accepts the changed key.
As of now, there is no solution for this cyber espionage process. However, this does not mean that the system is completely problematic and unsafe. The shared report also elaborated on various ways in which the dual verification process could be made more independent and less interdependent.