
New Tool, Modlishka, Bypasses Two-Factor Authentication

A hacker tool called Modlishka can now bypass a widely used safety protocol. Trust in two-factor authentication has slowly eroded in the last month.

Modlishka

At the beginning of the new year, Piotr Duszyński, a Polish security researcher, created a new penetration testing tool. The tool, named Modlishka (the Polish word for mantis), can automate phishing scams and bypass two-factor authentication (2FA) on the accounts it protects.


Phishing Scheme

IT professionals describe Modlishka as a reverse proxy that has been altered to manipulate traffic meant for login pages and to support phishing operations.

“It sits between a user and a target website – like Gmail, Yahoo, or ProtonMail. Phishing victims connect to the Modlishka server (hosting a phishing domain), and the reverse proxy component behind it makes requests to the site it wants to impersonate.


The victim receives authentic content from the legitimate site – let’s say for example Google – but all traffic and all the victim’s interactions with the legitimate site passes through and is recorded on the Modlishka server.” (ZDNet)

Reverse Proxy

Anything the user types in (email addresses, passwords, etc.) is automatically recorded in the Modlishka backend panel. In the meantime, the reverse proxy prompts users for their 2FA tokens. If these tokens are collected in real time, they can be used to log into victims’ accounts.

Hacker Tool Appeal

Due to Modlishka’s simple design, cyber attackers do not need to waste time perfecting templates to clone legitimate sites, since all the content is retrieved from legitimate sites in real-time.


All that is required is a phishing domain to host the Modlishka server and a valid TLS certificate, so that users are not alerted to the lack of an HTTPS connection. The final step is to set up a simple config file that redirects victims to the real, legitimate site at the end of the phishing operation, before they notice the suspicious phishing domain. The tool is easy to maintain and difficult for its victims to detect.

Duszyński described Modlishka as a point-and-click and easy-to-automate system that requires minimal maintenance, unlike previous phishing toolkits used by other penetration testers.

Modlishka In Action


An Amnesty International report, released in December, disclosed that advanced state-sponsored actors are using phishing systems that incorporate tools to bypass two-factor authentication.

Duszyński was asked why he released such a dangerous tool on GitHub. His answer is quite intriguing.

“This status quo, and lack of awareness about the risk, is a perfect situation for malicious actors that will happily exploit it.”

Secure Your Digital Life

While protecting your account with two-factor authentication isn’t as much of a safety net as once believed, it is more important now to pay attention to domains when entering credentials. If you don’t, you might be handing over the email address and password combination for your bank account to a cybercriminal.
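
The domain check recommended above can be automated, for example in a mail gateway or a browser helper. The sketch below is an added example, not code from the original article or from Modlishka; the allowlist, the hostnames under `.example` and `.test`, and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the exact hosts where this user really signs in.
TRUSTED_LOGIN_HOSTS = {"login.mail.example", "secure.bank.example"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss (typosquat) hostnames."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_login_url(url: str, trusted=TRUSTED_LOGIN_HOSTS):
    """Return (verdict, reason) for a page that is asking for credentials."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    # HTTPS is required but proves nothing on its own: the phishing domain
    # described in the article presents a valid TLS certificate too.
    if parts.scheme != "https" or not host:
        return "block", "not an HTTPS URL with a hostname"
    if host in trusted:
        return "ok", "exact match with a trusted login host"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "block", "punycode label, possible look-alike characters"
    for good in sorted(trusted):
        if good in host:
            return "block", f"trusted name {good} embedded in another domain"
        if edit_distance(host, good) <= 2:
            return "block", f"near miss of {good}"
    return "unknown", "host is not on the allowlist; do not enter credentials"


if __name__ == "__main__":
    for sample in (  # constructed sample URLs
        "https://login.mail.example/signin",
        "https://login.mail.example.account-check.test/signin",
        "https://login.rnail.example/signin",
        "http://login.mail.example/signin",
    ):
        print(sample, "->", classify_login_url(sample))
```

Only an exact hostname match returns `ok`; everything else, including unrelated HTTPS sites, is treated as a place where credentials and 2FA codes should not be typed.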
