Isn’t 2FA Enough? Hackers Bypass 2FA Security, Targeting Gmail and YouTube Accounts

Two-factor authentication (2FA) is an extra layer of security, beyond a username and password, that is meant to protect online accounts. Is 2FA, however, truly infallible?

Gmail and YouTube users have reported a number of account security breaches in which hackers circumvented Google’s two-factor authentication (2FA) safeguards. These hacks have brought attention to a clever tactic: installing malware designed to steal session cookies, the small files that let users log in to different services more quickly. With these cookies, hackers can pose as the authentic account holders and fool systems into granting them access without a password.

Attacks begin, according to SOFX, with phishing emails that lead victims to dangerous websites where malware is downloaded. Once installed, this software gives hackers the ability to get around 2FA and access accounts without authorization. This tactic jeopardizes not just the account’s security but also the users’ personal security.
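A replayed session cookie arrives after the 2FA check has already been passed, so one defensive signal is a session being used by a client that does not match the one that logged in. The sketch below is an added example, not code from Google or from the sources cited here; the event names, log fields and sample lines are constructed assumptions.

```python
"""Flag sessions used by a client other than the one that completed login."""
from dataclasses import dataclass

# Constructed sample events: (timestamp, event, session_id, ip, user_agent)
SAMPLE_EVENTS = [
    ("2024-01-01T09:00:00Z", "login_2fa_ok", "sess-A", "198.51.100.7", "Chrome/123 Windows"),
    ("2024-01-01T09:05:00Z", "request", "sess-A", "198.51.100.7", "Chrome/123 Windows"),
    ("2024-01-01T09:10:00Z", "login_2fa_ok", "sess-B", "203.0.113.20", "Safari/17 macOS"),
    ("2024-01-01T11:30:00Z", "request", "sess-A", "192.0.2.55", "Chrome/120 Linux"),
    ("2024-01-01T11:31:00Z", "recovery_change", "sess-A", "192.0.2.55", "Chrome/120 Linux"),
    ("2024-01-01T12:00:00Z", "request", "sess-B", "203.0.113.20", "Safari/17 macOS"),
    ("2024-01-01T12:05:00Z", "request", "sess-C", "192.0.2.99", "curl/8"),
]

# Hypothetical event names for actions that should trigger re-authentication.
SENSITIVE = {"recovery_change", "password_change"}


@dataclass
class Alert:
    timestamp: str
    session_id: str
    reason: str
    severity: str


def detect_replayed_sessions(events):
    """Return alerts for sessions whose client context changed after login."""
    bound = {}  # session_id -> (ip, user_agent) recorded when 2FA succeeded
    alerts = []
    for ts, event, sid, ip, ua in events:
        if event == "login_2fa_ok":
            bound[sid] = (ip, ua)
            continue
        if sid not in bound:
            alerts.append(Alert(ts, sid, "session with no recorded login", "medium"))
            continue
        login_ip, login_ua = bound[sid]
        # An IP change alone is common on mobile networks; treat it as a signal
        # to weigh, and escalate when a sensitive action follows.
        changed = [name for name, now, then in
                   (("ip", ip, login_ip), ("user_agent", ua, login_ua)) if now != then]
        if changed:
            severity = "high" if event in SENSITIVE else "medium"
            alerts.append(Alert(ts, sid, f"{event} with changed {'+'.join(changed)}", severity))
    return alerts


if __name__ == "__main__":
    for alert in detect_replayed_sessions(SAMPLE_EVENTS):
        print(alert)
```

In the constructed log, the recovery-settings change made from the mismatched client is the high-severity alert, which is the point where a service can require fresh authentication.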

According to Forbes, apart from the number of accounts affected despite having 2FA security in place, there seems to be a common denominator: Ripple Labs cryptocurrency or, more accurately, frauds using XRP.

Ripple has turned to X in an effort to raise awareness of the growing number of hacks on Gmail and YouTube accounts, which are then exploited to trick readers and viewers into falling for various frauds. The most prevalent of these is a fraud known as “crypto-doubling,” in which the perpetrator claims to double the amount of XRP sent to an allegedly legitimate Ripple management account. For legitimacy, some of the stolen YouTube accounts have, for instance, used deepfake videos of Brad Garlinghouse, the CEO of Ripple Labs.

In an X post published on April 11, Ripple Labs cautions that it would never require anybody to donate XRP. It also directs worried readers to resources that offer guidance on avoiding cryptocurrency frauds.

On several online sites, such as Reddit and Google’s official support forums, victims have recounted their stories of how hackers changed account recovery settings and shut out the rightful owners.

In response to these incidents, Google acknowledged that session cookie hijacking was still a problem and has kept improving its security protocols to stop these kinds of intrusions. Additionally, the company guarantees that its automatic account recovery method will enable customers to reclaim control of their accounts using their original recovery factors for a maximum of seven days after those factors are modified, as long as the recovery factors were established before the incident.

Google advises users to run Google’s Security Checkup on a regular basis to make sure all available security measures are current and in place, as well as to use extra security tools like passkeys.
