Warnings About Advanced Phishing Attacks Bypassing Two-Factor Authentication

Researchers from “SlashNext” have warned about advanced phishing attacks using new techniques to bypass two-factor authentication, by hijacking sessions and intercepting credentials in real-time, according to “The Sun”.

These attacks first emerged in late January and were carried out by a hacker group called “Astaroth”. The attacker sends the victim a link via email; when clicked, it redirects them to a fake login page that perfectly matches the legitimate page. No security warnings appear, leading the victim to believe the page is real. When the victim enters their login details, the attacker immediately receives them, gaining access to the victim’s accounts.

Bypassing Two-Factor Authentication

Researchers note that these attacks don’t only steal login credentials but also bypass two-factor authentication—which is the first line of defense against phishing attacks. This is done by intercepting authentication codes and session cookies as soon as they are created, allowing attackers to quickly and accurately bypass two-factor protection. This means that even if the victim receives a text message with a code to access their account, attackers can easily intercept the code.

Although phishing attacks targeting login data through fake pages have been around, “SlashNext” warns that the “Astaroth” group stands out due to its ability to capture all authentication data in real-time.
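
A defender-side illustration of the session-cookie interception described above, as an added example that is not part of the original article: it scans session logs for a cookie presented by a different client (IP address and user agent) than the one it was issued to. The log schema, event names and the 10-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample session events (not real logs), assumed schema:
# (timestamp, event, session_id, client_ip, user_agent)
SAMPLE_EVENTS = [
    ("2025-03-01T09:00:00", "session_issued", "sess-A", "198.51.100.7", "Firefox/135 Windows"),
    ("2025-03-01T09:00:05", "request", "sess-A", "198.51.100.7", "Firefox/135 Windows"),
    ("2025-03-01T09:00:40", "request", "sess-A", "203.0.113.50", "Chrome/132 Linux"),
    ("2025-03-01T09:10:00", "session_issued", "sess-B", "192.0.2.15", "Safari/18 macOS"),
    ("2025-03-01T11:30:00", "request", "sess-B", "192.0.2.99", "Safari/18 macOS"),
    ("2025-03-01T12:00:00", "request", "sess-C", "203.0.113.50", "Chrome/132 Linux"),
]

REPLAY_WINDOW = timedelta(minutes=10)  # assumed threshold, tune per environment


def find_session_replays(events, window=REPLAY_WINDOW):
    """Return (session_id, client_ip, reason) for sessions used by an unexpected client."""
    issued = {}  # session_id -> (issue time, ip, user agent) recorded after MFA succeeded
    alerts = []
    for ts, event, sid, ip, ua in sorted(events):  # ISO timestamps sort chronologically
        when = datetime.fromisoformat(ts)
        if event == "session_issued":
            issued[sid] = (when, ip, ua)
            continue
        if sid not in issued:
            # Cookie presented with no issuance record: log gap or a token minted elsewhere.
            alerts.append((sid, ip, "no_issuance_record"))
            continue
        t0, ip0, ua0 = issued[sid]
        # Require both IP and user agent to differ: an IP change alone is
        # common on mobile networks and would flood the queue with false positives.
        if ip != ip0 and ua != ua0:
            reason = "replay_soon_after_issue" if when - t0 <= window else "client_changed"
            alerts.append((sid, ip, reason))
    return alerts


if __name__ == "__main__":
    for alert in find_session_replays(SAMPLE_EVENTS):
        print(alert)
```

The check stays silent if a stolen cookie is used from the same IP address and user agent that completed the login, so it complements rather than replaces other controls.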

Escalation of Attack Levels

The researchers pointed out that “Astaroth”’s new attacks raise the risk level significantly, making traditional phishing techniques and current security measures largely ineffective. The “Astaroth” group offers its services on the dark web for $2000, including 6 months of updates for buyers.

AI Drives Phishing Attacks

In a similar vein, the FBI has warned about new phishing attacks powered by artificial intelligence targeting Gmail users. These attacks steal personal information and compromise accounts. The FBI first warned about these AI-driven attacks in May 2024. The phishing attacks powered by AI have not only stolen funds from accounts but have also included identity theft.

Robert Trip, an agent with the FBI, stated:
“Attackers exploit AI to create highly convincing voice messages, videos, and emails to execute phishing attacks against individuals and businesses alike.”
He added:
“These advanced methods can lead to devastating financial losses, reputation damage, and the breach of sensitive data.”