{"id":2413,"date":"2012-12-11T05:27:12","date_gmt":"2012-12-10T23:57:12","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=2413"},"modified":"2012-12-11T05:27:12","modified_gmt":"2012-12-10T23:57:12","slug":"bypassing-two-factor-authentication","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/bypassing-two-factor-authentication\/","title":{"rendered":"Bypassing Two-Factor Authentication"},"content":{"rendered":"

Yet another way two-factor authentication has been bypassed<\/a>:<\/p>\n

For a user to fall prey to Eurograbber, he or she must first be using a computer infected with the trojan. This was typically done by luring the user onto a malicious web page via a round of unfortunate web surfing or email phishing attempts. Once infected, the trojan would monitor that computer’s web browser for banking sessions. When a user visited a banking site, Eurograbber would inject JavaScript and HTML markup into their browser, prompting the user for their phone number under the guise of a “banking software security upgrade”. This is also the key to Eurograbber’s ability to bypass two-factor authentication.<\/p><\/blockquote>\n

It’s amazing that I wrote about this almost eight years ago<\/a>. Here’s<\/a> another example of the same sort of failure.<\/p>\n

<\/p>\n

\n

Original news article at https:\/\/www.schneier.com\/blog\/<\/a> on December 11, 2012 at 12:34AM<\/p>\n","protected":false},"excerpt":{"rendered":"

Yet another way two-factor authentication has been bypassed: For a user to fall prey to Eurograbber, he or she must first be using a computer infected with the trojan. This was typically done by luring the user onto a malicious web page via a round of unfortunate web surfing or email phishing attempts. Once infected, … <\/p>\n

Continue reading “Bypassing Two-Factor Authentication”<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[1],"tags":[4],"class_list":["post-2413","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-it-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-CV","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=2413"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2413\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=2413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=2413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=2413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}