Google’s Authenticator Used to Address Breach Impacting Crypto Users

Google’s Authenticator Used to Address Breach Impacting Crypto Users

Retool Cloud Customers Fall Victim to Targeted SMS Phishing Attack

Retool, a trending software development company, has recently disclosed that 27 of its cloud customers have been targeted in a phishing attack conducted through SMS messages.

The Attack Details

The attack took place on August 27 and began with a deceptive SMS phishing campaign directed at Retool’s employees. The attackers posed as members of the IT team and sent messages urging recipients to click on a seemingly legitimate link to address a payroll-related issue. One employee fell for the trick and ended up on a fake login page where their credentials were stolen.

After obtaining the login details, the attackers went further by contacting the employee directly and using deepfake technology to convincingly imitate the voice of an IT team member. They tricked the employee into disclosing the multi-factor authentication code.

Quant Slumps to New Low, Then Bounces Back with Over $90 Recovery

Due to the use of Google Authenticator’s cloud synchronization feature by the employee, the attackers gained access to internal administrative systems. As a result, they took control of accounts belonging to 27 customers in the digital currency industry.

Concerns Over Deepfake Technology

The use of deepfake technology in this attack has raised concerns within the United States Government. A recent advisory highlighted the  capacity misuse of audio, video, and text deepfakes for malicious objectives, including business email compromise (BEC) attacks and digital currency scams.

SEC Races Against Time to Postpone Bitcoin ETFs Amid Impending Government Shutdown

Despite the fact that the identity of the hackers remains unknown, their strategies resemble those used by Scattered Spider (or UNC3944), a financially motivated threat actor known for sophisticated phishing techniques.

Cybersecurity Recommendations

Mandiant, a cybersecurity firm, shared insights into the attackers’ methods, suggesting that they may have used access to victim environments to strengthen their phishing campaigns. They created new phishing domains with internal system names, as observed in some cases.

It is crucial to note the risk associated with syncing one-time codes to the cloud. This compromises the “something the user has” factor in multi-factor authentication. To strengthen security against phishing attacks, it is recommended that users consider using FIDO2-compliant hardware security keys or passkeys.

Top 6 Affordable Cryptocurrencies to Purchase Below $1 in September 2023

Hot Take: Phishing Attack Highlights the Dangers of SMS-Based Attacks

The recent phishing attack targeting Retool’s cloud customers serves as a reminder of the  dangers posed by SMS-based attacks and the  capacity misuse of deepfake technology. It emphasizes the need for individuals and organizations to remain vigilant against such threats and take proactive measures to strengthen their cybersecurity defenses. By adopting stronger authentication methods, such as hardware security keys, users can better protect themselves from sliding victim to phishing attempts and prevent unauthorized access to their sensitive information.

Terraform Labs Finds Relief as Class-Action Lawsuit is Dismissed
Author – Contributor at | Website

Owen Patter is a distinguished crypto analyst, accomplished researcher, and skilled editor, leaving a notable imprint on the cryptocurrency landscape. As a proficient crypto analyst and researcher, Owen delves into the intricate realms of digital assets, offering insights that resonate with a diverse audience. His analytical acuity is harmoniously paired with adept editorial skills, allowing him to transform complex crypto information into easily comprehensible content.

Ether ETF Set to Bring Huge Profits for Protocol Guild
Read Disclaimer
This page is simply meant to provide information. It does not constitute a direct offer to purchase or sell, a solicitation of an offer to buy or sell, or a suggestion or endorsement of any goods, services, or businesses. does not offer accounting, tax, or legal advice. When using or relying on any of the products, services, or content described in this article, neither the firm nor the author is liable, directly or indirectly, for any harm or loss that may result. Read more at Important Disclaimers and at Risk Disclaimers.

Follow us

Latest Crypto News

Share via
Share via
Send this to a friend