Skip to content

An adversary may utilize a sim swapping attack for defeating 2fa authentication

License

Notifications You must be signed in to change notification settings

qeeqbox/two-factor-authentication-sim-cloning

Repository files navigation

An adversary may utilize a sim swapping attack for defeating 2fa authentication.

Example #1

  1. Adversary steals the username and password pair for website
  2. Adversary compromises the victim's sim card and clone it
  3. Adversary logs in with the stolen username and password
  4. Adversary receives a pin code on the compromised phone and uses it for verification.

Impact

High

Risk

  • gain unauthorized access

Redemption

  • use more factors

ID

58a84977-90e1-4156-a555-8568e83115d0

References

  • howtogeek

About

An adversary may utilize a sim swapping attack for defeating 2fa authentication

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Sponsor this project