Two-step authentication is an additional layer of protection used when logging in to a service, but it was bypassed by a group of Chinese hackers nicknamed APT20. Government services and industrial companies across ten countries are affected.

Today we have some disturbing news. A group of hackers of Chinese origin has reportedly managed to circumvent two-step authentication, a protection system used by the vast majority of services on the Internet, Google for example, but also (and above all) banking institutions. The information was released by a Dutch security specialist, Fox-IT.

Chinese hackers caught bypassing 2FA

Two-step authentication is a standard protection system today, and you are certainly using it, even if you don't know it. It comes in addition to the classic login/password pair. When you enter your credentials on a service that uses this protection, the service sends a temporary code that you enter on your device (in the case of Google, the system sends you to your smartphone, where you must press a button to confirm that it is not a stranger trying to log in to your account). By entering the code, you confirm your identity to the system.

By bypassing this authentication, the hackers were able to break into certain government departments and servers of industrial companies. One of the victims of these attacks contacted Fox-IT, which discovered suspicious activity and was able to trace it back to the group of hackers mentioned above. The affected companies are spread across ten countries and a dozen different industrial sectors.

The list of countries concerned includes France, Italy, Spain, Portugal, Germany, the United Kingdom, Brazil, the United States, Mexico and even China. The sectors in question are aeronautics, construction, finance, energy, insurance, transport, human resources providers, lock designers and gambling. This wave of attacks does not appear to concern the general public, but rather companies.