The two factor authentication is a very safe method to protect your accounts, but it’s not infallible. Cybersecurity company Sekoia discovered a tool capable of evading 2FA techniques. It’s a worrisome fraud method that can put your Gmail account at risk, as well as Microsoft 365 users.
Promoted in hacker forums as a service kit, the tool allows hackers to avoid protection measures based on Two Steps Authentication. The fraud method is specially dangerous for Gmail users and Google services alike. Tycoon 2FA is the service kit you must be careful about, and it’s very popular when attacking Microsoft 365 and Gmail accounts.
A new fraud method affects Gmail accounts
In October 2023 Tycoon 2FA appeared in the Sekoia reports for the first time. The tool has been active since August 2023 according to the cybersecurity firm. It’s one of the more popular phishing kits shared on the Internet, and a newer improved version appeared in February 2024.
There are websites ready to attack Gmail accounts with phishing traps and they are sold at 120 dollars per 10 days use. There’s also a version that attacks Microsoft 365 accounts and the reports indicate that Tycoon 2FA is on Telegram and hacking forums as well.
In order to complete the fraud method in Gmail accounts, Tycoon 2FA redirects the user to a cloned home page. Once the user introduces the credentials Tycoon 2FA launches a webpage to verify the authentication code. The research highlights that the token is intercepted in order to avoid security measures. At the end, you are giving the hackers access to your account.
The cookies to start a session are captured and can be used again. Then the hacker can avoid the security mechanisms of 2 Factor Authentication. The phishing attacks start on a mail with a link or even a QR code. Be aware of any suspicious mail.
Gmail answers about the security breach this fraud method represents
One of Google’s spokesperson told the media that one of the solutions to this problem is the use of passkeys. This method doesn’t require passwords to log in, and according to Google reduces phishing impact drastically. “We are continuously supervising the product ecosystem in order to protect the clients against this type of menaces” indicated a Microsoft spokesperson.