• bitcoinBitcoin (BTC) $ 97,338.00
  • ethereumEthereum (ETH) $ 3,382.68
  • tetherTether (USDT) $ 0.999429
  • xrpXRP (XRP) $ 2.25
  • bnbBNB (BNB) $ 666.58
  • solanaSolana (SOL) $ 185.99
  • dogecoinDogecoin (DOGE) $ 0.325442
  • usd-coinUSDC (USDC) $ 0.999157
  • staked-etherLido Staked Ether (STETH) $ 3,378.66
  • cardanoCardano (ADA) $ 0.918814
  • tronTRON (TRX) $ 0.245679
  • avalanche-2Avalanche (AVAX) $ 38.50
  • chainlinkChainlink (LINK) $ 22.82
  • wrapped-stethWrapped stETH (WSTETH) $ 4,019.00
  • the-open-networkToncoin (TON) $ 5.33
  • suiSui (SUI) $ 4.60
  • shiba-inuShiba Inu (SHIB) $ 0.000022
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 97,161.00
  • stellarStellar (XLM) $ 0.362165
  • polkadotPolkadot (DOT) $ 7.09
  • hyperliquidHyperliquid (HYPE) $ 32.25
  • hedera-hashgraphHedera (HBAR) $ 0.257040
  • wethWETH (WETH) $ 3,384.31
  • bitcoin-cashBitcoin Cash (BCH) $ 453.97
  • leo-tokenLEO Token (LEO) $ 9.26
  • uniswapUniswap (UNI) $ 13.53
  • litecoinLitecoin (LTC) $ 100.51
  • pepePepe (PEPE) $ 0.000018
  • wrapped-eethWrapped eETH (WEETH) $ 3,570.15
  • nearNEAR Protocol (NEAR) $ 5.14
  • bitget-tokenBitget Token (BGB) $ 4.28
  • ethena-usdeEthena USDe (USDE) $ 0.999521
  • aptosAptos (APT) $ 9.86
  • usdsUSDS (USDS) $ 0.999617
  • internet-computerInternet Computer (ICP) $ 10.40
  • aaveAave (AAVE) $ 308.00
  • crypto-com-chainCronos (CRO) $ 0.161222
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.480740
  • mantleMantle (MNT) $ 1.19
  • ethereum-classicEthereum Classic (ETC) $ 26.40
  • render-tokenRender (RENDER) $ 7.28
  • vechainVeChain (VET) $ 0.046562
  • mantra-daoMANTRA (OM) $ 3.75
  • moneroMonero (XMR) $ 192.27
  • whitebitWhiteBIT Coin (WBT) $ 24.39
  • bittensorBittensor (TAO) $ 466.74
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 1.30
  • daiDai (DAI) $ 0.998276
  • arbitrumArbitrum (ARB) $ 0.762721
  • ethenaEthena (ENA) $ 1.07
  • kaspaKaspa (KAS) $ 0.121792
  • filecoinFilecoin (FIL) $ 5.04
  • fantomFantom (FTM) $ 1.02
  • algorandAlgorand (ALGO) $ 0.339123
  • okbOKB (OKB) $ 45.12
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 2.67
  • cosmosCosmos Hub (ATOM) $ 6.67
  • blockstackStacks (STX) $ 1.71
  • ondo-financeOndo (ONDO) $ 1.72
  • optimismOptimism (OP) $ 1.80
  • bonkBonk (BONK) $ 0.000031
  • immutable-xImmutable (IMX) $ 1.38
  • celestiaCelestia (TIA) $ 5.04
  • movementMovement (MOVE) $ 0.997652
  • theta-tokenTheta Network (THETA) $ 2.18
  • injective-protocolInjective (INJ) $ 21.06
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,392.28
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 97,305.00
  • the-graphThe Graph (GRT) $ 0.211233
  • dogwifcoindogwifhat (WIF) $ 2.01
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.030261
  • sei-networkSei (SEI) $ 0.430603
  • worldcoin-wldWorldcoin (WLD) $ 2.24
  • thorchainTHORChain (RUNE) $ 5.13
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,491.61
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.997693
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,783.21
  • flokiFLOKI (FLOKI) $ 0.000172
  • jasmycoinJasmyCoin (JASMY) $ 0.033775
  • gatechain-tokenGate (GT) $ 12.91
  • quant-networkQuant (QNT) $ 111.35
  • tokenize-xchangeTokenize Xchange (TKX) $ 20.00
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,564.38
  • lido-daoLido DAO (LDO) $ 1.72
  • galaGALA (GALA) $ 0.036172
  • flare-networksFlare (FLR) $ 0.027513
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 97,329.00
  • makerMaker (MKR) $ 1,661.00
  • beam-2Beam (BEAM) $ 0.027424
  • fasttokenFasttoken (FTN) $ 3.32
  • usual-usdUsual USD (USD0) $ 0.998678
  • the-sandboxThe Sandbox (SAND) $ 0.574083
  • pyth-networkPyth Network (PYTH) $ 0.371240
  • kucoin-sharesKuCoin (KCS) $ 11.27
  • nexoNEXO (NEXO) $ 1.34
  • tezosTezos (XTZ) $ 1.30
  • kaiaKaia (KAIA) $ 0.224991
  • solv-btcSolv Protocol SolvBTC (SOLVBTC) $ 97,351.00
  • based-brettBrett (BRETT) $ 0.129830
  • raydiumRaydium (RAY) $ 4.42
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,483.58
  • eosEOS (EOS) $ 0.815780
  • heliumHelium (HNT) $ 6.87
  • binance-staked-solBinance Staked SOL (BNSOL) $ 190.63
  • ethereum-name-serviceEthereum Name Service (ENS) $ 35.32
  • aerodrome-financeAerodrome Finance (AERO) $ 1.61
  • jupiter-exchange-solanaJupiter (JUP) $ 0.838653
  • xdce-crowd-saleXDC Network (XDC) $ 0.076134
  • flowFlow (FLOW) $ 0.718054
  • starknetStarknet (STRK) $ 0.481492
  • bitcoin-svBitcoin SV (BSV) $ 54.10
  • arweaveArweave (AR) $ 16.36
  • iotaIOTA (IOTA) $ 0.298187
  • aioz-networkAIOZ Network (AIOZ) $ 0.929524
  • dydx-chaindYdX (DYDX) $ 1.47
  • bittorrentBitTorrent (BTT) $ 0.000001
  • msolMarinade Staked SOL (MSOL) $ 232.35
  • curve-dao-tokenCurve DAO (CRV) $ 0.823577
  • coredaoorgCore (CORE) $ 1.11
  • neoNEO (NEO) $ 14.21
  • axie-infinityAxie Infinity (AXS) $ 6.29
  • elrond-erd-2MultiversX (EGLD) $ 34.79
  • matic-networkPolygon (MATIC) $ 0.481654
  • decentralandDecentraland (MANA) $ 0.481014
  • solv-protocol-solvbtc-bbnSolv Protocol SolvBTC.BBN (SOLVBTC.BB) $ 96,536.00
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 96,816.00
  • pendlePendle (PENDLE) $ 5.16
  • zcashZcash (ZEC) $ 53.50
  • apecoinApeCoin (APE) $ 1.16
  • fartcoinFartcoin (FARTCOIN) $ 0.837508
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,385.10
  • jito-governance-tokenJito (JTO) $ 2.95
  • eigenlayerEigenlayer (EIGEN) $ 3.79
  • mog-coinMog Coin (MOG) $ 0.000002
  • chilizChiliz (CHZ) $ 0.086076
  • akash-networkAkash Network (AKT) $ 3.21
  • ai16zai16z (AI16Z) $ 0.714563
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,383.18
  • conflux-tokenConflux (CFX) $ 0.160098
  • wormholeWormhole (W) $ 0.269933
  • usddUSDD (USDD) $ 0.997906
  • popcatPopcat (POPCAT) $ 0.752425
  • spx6900SPX6900 (SPX) $ 0.786774
  • mina-protocolMina Protocol (MINA) $ 0.610034
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 199.21
  • compound-governance-tokenCompound (COMP) $ 81.96
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,384.08
  • superfarmSuperVerse (SUPER) $ 1.58
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.40
  • roninRonin (RON) $ 1.91
  • ecasheCash (XEC) $ 0.000035
  • havvenSynthetix Network (SNX) $ 2.04
  • gnosisGnosis (GNO) $ 263.41
  • dog-go-to-the-moon-runeDOG•GO•TO•THE•MOON (Runes) (DOG) $ 0.006823
  • chiaChia (XCH) $ 21.06
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.327257
  • ether-fi-staked-btcEther.fi Staked BTC (EBTC) $ 96,366.00
  • amp-tokenAmp (AMP) $ 0.007845
  • axelarAxelar (AXL) $ 0.752238
  • dydxdYdX (ETHDYDX) $ 1.47
  • notcoinNotcoin (NOT) $ 0.006411
  • zksyncZKsync (ZK) $ 0.176337
  • tether-goldTether Gold (XAUT) $ 2,628.35
  • fraxFrax (FRAX) $ 0.994843
  • peanut-the-squirrelPeanut the Squirrel (PNUT) $ 0.635318
  • layerzeroLayerZero (ZRO) $ 5.65
  • mantle-restaked-ethMantle Restaked ETH (CMETH) $ 3,566.66
  • terra-lunaTerra Luna Classic (LUNC) $ 0.000112
  • chex-tokenCHEX Token (CHEX) $ 0.615539
  • reserve-rights-tokenReserve Rights (RSR) $ 0.011282
  • grassGrass (GRASS) $ 2.46
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,661.99
  • baby-doge-coinBaby Doge Coin (BABYDOGE) $ 0.00000000
  • turboTurbo (TURBO) $ 0.008510
  • vanaVana (VANA) $ 18.69
  • safeSafe (SAFE) $ 1.10
  • super-oethSuper OETH (SUPEROETHB) $ 3,383.36
  • cat-in-a-dogs-worldcat in a dogs world (MEW) $ 0.006307
  • oasis-networkOasis (ROSE) $ 0.082973
  • ordinalsORDI (ORDI) $ 26.37
  • echelon-primeEchelon Prime (PRIME) $ 10.75
  • blurBlur (BLUR) $ 0.262802
  • usualUsual (USUAL) $ 1.16
  • 1inch1inch (1INCH) $ 0.389035
  • beldexBeldex (BDX) $ 0.078369
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.29
  • susdssUSDS (SUSDS) $ 1.02
  • paypal-usdPayPal USD (PYUSD) $ 0.998537
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 97,491.00
  • pax-goldPAX Gold (PAXG) $ 2,621.19
  • creditcoin-2Creditcoin (CTC) $ 1.25
  • pumpbtcpumpBTC (PUMPBTC) $ 96,590.00
  • apenftAPENFT (NFT) $ 0.00000052
  • livepeerLivepeer (LPT) $ 13.88
  • goatseus-maximusGoatseus Maximus (GOAT) $ 0.506847
  • gigachad-2Gigachad (GIGA) $ 0.052144
  • dexeDeXe (DEXE) $ 8.85
  • arkhamArkham (ARKM) $ 1.49
  • frax-etherFrax Ether (FRXETH) $ 3,322.83
  • true-usdTrueUSD (TUSD) $ 1.00

Hacker Exposes Leak of Two-Factor Authentication Codes

0 174

Hacker Exposes Leak of Two-Factor Authentication Codes

  beincrypto.com 1 h

Hacker Exposes Leak of Two-Factor Authentication Codes

A security researcher has discovered an unprotected database governing access to services from some of the world’s biggest tech companies. The database belongs to a short message service (SMS) routing operator responsible for sending two-factor authentication (2FA) codes to users of Meta, Google, and possibly crypto firms.

The researcher, Anurag Sen, found that the company’s YX International database was exposed without a password on the public internet. Anyone who knew the public internet protocol (IP) address could view the data.

Users Affected by Two-Factor Authentication Leak

YX International sends security codes to people logging into platforms belonging to Meta, Google, and TikTok. The company ensures that users’ messages are routed speedily through mobile networks across the globe. Among the messages it sends are security codes that form part of a two-factor authentication scheme many large companies use to protect user accounts.

Some service providers, like Google, can send an SMS code to verify a user’s authenticity after entering a password. Other authentication options include generating a code from an authenticator app to complement a password.

Hacker Exposes Leak of Two-Factor Authentication Codes

Red Box Shows Weak Point of SMS 2FA Authentication | Source: All Things Auth

While two-factor authentication seeks to improve security, it is not a silver bullet. Accordingly, crypto exchange Coinbase warns that 2FA is a minimum security measure, but it is not foolproof. Hackers can still find a way to steal funds from crypto wallets.

“While 2FA seeks to improve security, it is not foolproof. Hackers who acquire the authentication factors can still gain unauthorized access to accounts. Common ways to do so include phishing attacks, account recovery procedures, and malware. Hackers can also intercept text messages used in 2FA,” Coinbase said.

Criminals Are Using These Methods to Beat 2FA

Last year, reports of criminals bypassing 2FA on Apple devices emerged. A hacker could access Apple’s cloud platform, iCloud, and replace a user’s phone number with their own. The scheme risked the funds in crypto wallet apps on Apple devices since some applications could have sent authentication codes to compromised phone numbers.

Criminals can also use SIM swaps to enact two-factor authentication crypto scams. In this line of attack, criminals convince mobile operators like AT&T or Verizon to transfer a phone number from the rightful owner to the fraudster. After that, the criminal only needs one other piece of information to access a self-custodial wallet app owned by the true owner of the phone number.

Given the surge in quantum technology, Apple recently improved the security of its Secure Enclave hardware device embedded in iPhones. The post-quantum cryptography scheme creates new keys every time a malicious actor compromises an old one.

This feature could help crypto wallet developers improve their clients’ crypto security by storing critical information in the Secure Enclave. So far, at least one vendor has already used the Secure Enclave to grant access to their wallet app.

BeInCrypto contacted Binance, the world’s largest cryptocurrency exchange, and Coinbase for comment on whether the XY International data leak affected their users. Neither company had responded by press time.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Source

Leave A Reply

Your email address will not be published.