• bitcoinBitcoin (BTC) $ 63,128.00
  • ethereumEthereum (ETH) $ 3,113.36
  • tetherTether (USDT) $ 1.00
  • bnbBNB (BNB) $ 588.45
  • solanaSolana (SOL) $ 144.25
  • usd-coinUSDC (USDC) $ 1.00
  • xrpXRP (XRP) $ 0.532981
  • staked-etherLido Staked Ether (STETH) $ 3,110.08
  • dogecoinDogecoin (DOGE) $ 0.147525
  • the-open-networkToncoin (TON) $ 5.70
  • cardanoCardano (ADA) $ 0.469364
  • shiba-inuShiba Inu (SHIB) $ 0.000025
  • avalanche-2Avalanche (AVAX) $ 35.63
  • tronTRON (TRX) $ 0.123598
  • polkadotPolkadot (DOT) $ 7.27
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 63,030.00
  • bitcoin-cashBitcoin Cash (BCH) $ 455.76
  • chainlinkChainlink (LINK) $ 14.14
  • nearNEAR Protocol (NEAR) $ 6.90
  • matic-networkPolygon (MATIC) $ 0.735603
  • internet-computerInternet Computer (ICP) $ 13.68
  • litecoinLitecoin (LTC) $ 82.26
  • uniswapUniswap (UNI) $ 7.62
  • fetch-aiFetch.ai (FET) $ 2.18
  • leo-tokenLEO Token (LEO) $ 5.85
  • daiDai (DAI) $ 1.00
  • hedera-hashgraphHedera (HBAR) $ 0.112437
  • ethereum-classicEthereum Classic (ETC) $ 27.12
  • aptosAptos (APT) $ 9.11
  • first-digital-usdFirst Digital USD (FDUSD) $ 1.00
  • crypto-com-chainCronos (CRO) $ 0.133958
  • pepePepe (PEPE) $ 0.000008
  • blockstackStacks (STX) $ 2.37
  • cosmosCosmos Hub (ATOM) $ 8.81
  • mantleMantle (MNT) $ 1.04
  • filecoinFilecoin (FIL) $ 6.09
  • immutable-xImmutable (IMX) $ 2.26
  • stellarStellar (XLM) $ 0.112117
  • render-tokenRender (RNDR) $ 8.34
  • dogwifcoindogwifhat (WIF) $ 3.14
  • okbOKB (OKB) $ 51.11
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,063.62
  • xtcom-tokenXT.com (XT) $ 3.01
  • optimismOptimism (OP) $ 2.86
  • bittensorBittensor (TAO) $ 430.55
  • arbitrumArbitrum (ARB) $ 1.07
  • makerMaker (MKR) $ 2,975.90
  • vechainVeChain (VET) $ 0.037502
  • wrapped-eethWrapped eETH (WEETH) $ 3,226.20
  • kaspaKaspa (KAS) $ 0.112219
  • the-graphThe Graph (GRT) $ 0.276248
  • suiSui (SUI) $ 1.12
  • ethena-usdeEthena USDe (USDE) $ 1.00
  • arweaveArweave (AR) $ 34.79
  • moneroMonero (XMR) $ 125.18
  • injective-protocolInjective (INJ) $ 24.96
  • theta-tokenTheta Network (THETA) $ 2.20
  • fantomFantom (FTM) $ 0.705412
  • lido-daoLido DAO (LDO) $ 2.14
  • celestiaCelestia (TIA) $ 10.21
  • coredaoorgCore (CORE) $ 2.06
  • bonkBonk (BONK) $ 0.000027
  • thorchainTHORChain (RUNE) $ 5.36
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,440.20
  • flokiFLOKI (FLOKI) $ 0.000176
  • bitget-tokenBitget Token (BGB) $ 1.15
  • sei-networkSei (SEI) $ 0.574651
  • galaGALA (GALA) $ 0.045409
  • algorandAlgorand (ALGO) $ 0.192824
  • quant-networkQuant (QNT) $ 106.61
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,195.46
  • jupiter-exchange-solanaJupiter (JUP) $ 1.07
  • whitebitWhiteBIT Coin (WBT) $ 10.01
  • flowFlow (FLOW) $ 0.915914
  • beam-2Beam (BEAM) $ 0.025489
  • wormholeWormhole (W) $ 0.742949
  • aaveAave (AAVE) $ 89.03
  • bitcoin-svBitcoin SV (BSV) $ 63.22
  • dydx-chaindYdX (DYDX) $ 2.19
  • zebec-protocolZebec Protocol (ZBC) $ 0.023984
  • ethenaEthena (ENA) $ 0.854286
  • flare-networksFlare (FLR) $ 0.031297
  • bittorrentBitTorrent (BTT) $ 0.000001
  • ondo-financeOndo (ONDO) $ 0.832682
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,101.58
  • neoNEO (NEO) $ 16.73
  • ribbon-financeRibbon Finance (RBN) $ 1.20
  • singularitynetSingularityNET (AGIX) $ 0.893009
  • elrond-erd-2MultiversX (EGLD) $ 41.56
  • axie-infinityAxie Infinity (AXS) $ 7.55
  • gatechain-tokenGate (GT) $ 8.07
  • chilizChiliz (CHZ) $ 0.120941
  • worldcoin-wldWorldcoin (WLD) $ 5.17
  • akash-networkAkash Network (AKT) $ 4.44
  • the-sandboxThe Sandbox (SAND) $ 0.453834
  • starknetStarknet (STRK) $ 1.37
  • tokenize-xchangeTokenize Xchange (TKX) $ 12.37
  • ecasheCash (XEC) $ 0.000049
  • kucoin-sharesKuCoin (KCS) $ 10.13
  • tezosTezos (XTZ) $ 0.980580
  • eosEOS (EOS) $ 0.834071
  • mina-protocolMina Protocol (MINA) $ 0.851160
  • havvenSynthetix Network (SNX) $ 2.85
  • conflux-tokenConflux (CFX) $ 0.230285
  • roninRonin (RON) $ 2.81
  • heliumHelium (HNT) $ 5.43
  • jasmycoinJasmyCoin (JASMY) $ 0.018500
  • msolMarinade Staked SOL (MSOL) $ 170.44
  • cheeleeCheelee (CHEEL) $ 15.51
  • ordinalsORDI (ORDI) $ 41.60
  • decentralandDecentraland (MANA) $ 0.449975
  • pyth-networkPyth Network (PYTH) $ 0.545160
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,113.39
  • axelarAxelar (AXL) $ 1.25
  • gnosisGnosis (GNO) $ 309.74
  • apecoinApeCoin (APE) $ 1.25
  • nervos-networkNervos Network (CKB) $ 0.017944
  • safeSafe (SAFE) $ 1.80
  • aioz-networkAIOZ Network (AIOZ) $ 0.705873
  • dexeDeXe (DEXE) $ 13.05
  • kavaKava (KAVA) $ 0.686796
  • iotaIOTA (IOTA) $ 0.227236
  • usddUSDD (USDD) $ 0.998207
  • echelon-primeEchelon Prime (PRIME) $ 18.70
  • nexoNEXO (NEXO) $ 1.30
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.72
  • book-of-memeBOOK OF MEME (BOME) $ 0.010229
  • theta-fuelTheta Fuel (TFUEL) $ 0.106740
  • klay-tokenKlaytn (KLAY) $ 0.186057
  • lido-staked-solLido Staked SOL (STSOL) $ 169.93
  • dydxdYdX (ETHDYDX) $ 2.19
  • blurBlur (BLUR) $ 0.416384
  • swethSwell Ethereum (SWETH) $ 3,280.99
  • oasis-networkOasis Network (ROSE) $ 0.097001
  • fraxFrax (FRAX) $ 0.998944
  • frax-etherFrax Ether (FRXETH) $ 3,105.95
  • illuviumIlluvium (ILV) $ 97.37
  • terra-lunaTerra Luna Classic (LUNC) $ 0.000108
  • mantra-daoMANTRA (OM) $ 0.759597
  • fasttokenFasttoken (FTN) $ 1.97
  • wemix-tokenWEMIX (WEMIX) $ 1.69
  • bitcoin-goldBitcoin Gold (BTG) $ 34.31
  • sats-ordinalsSATS (Ordinals) (SATS) $ 0.00000028
  • ocean-protocolOcean Protocol (OCEAN) $ 0.915874
  • osmosisOsmosis (OSMO) $ 0.878801
  • popcatPopcat (POPCAT) $ 0.587568
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,324.74
  • tether-goldTether Gold (XAUT) $ 2,296.79
  • aerodrome-financeAerodrome Finance (AERO) $ 1.29
  • astarAstar (ASTR) $ 0.098575
  • dymensionDymension (DYM) $ 3.32
  • woo-networkWOO (WOO) $ 0.298183
  • iotexIoTeX (IOTX) $ 0.058427
  • venomVenom (VENOM) $ 0.329290
  • altlayerAltLayer (ALT) $ 0.395996
  • curve-dao-tokenCurve DAO (CRV) $ 0.440804
  • true-usdTrueUSD (TUSD) $ 1.00
  • xdce-crowd-saleXDC Network (XDC) $ 0.036367
  • ankrAnkr Network (ANKR) $ 0.049893
  • staked-frax-etherStaked Frax Ether (SFRXETH) $ 3,370.16
  • corgiaiCorgiAI (CORGIAI) $ 0.001441
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.19
  • ethereum-name-serviceEthereum Name Service (ENS) $ 15.75
  • pendlePendle (PENDLE) $ 5.06
  • arkhamArkham (ARKM) $ 2.23
  • mx-tokenMX (MX) $ 4.91
  • apenftAPENFT (NFT) $ 0.00000048
  • radixRadix (XRD) $ 0.044941
  • ether-fiEther.fi (ETHFI) $ 4.02
  • golemGolem (GLM) $ 0.458564
  • manta-networkManta Network (MANTA) $ 1.80
  • zilliqaZilliqa (ZIL) $ 0.024662
  • enjincoinEnjin Coin (ENJ) $ 0.310539
  • memecoin-2Memecoin (MEME) $ 0.025903
  • 1inch1inch (1INCH) $ 0.385422
  • stepnGMT (GMT) $ 0.228544
  • holotokenHolo (HOT) $ 0.002483
  • amp-tokenAmp (AMP) $ 0.007851
  • rocket-poolRocket Pool (RPL) $ 21.66
  • livepeerLivepeer (LPT) $ 13.64
  • celoCelo (CELO) $ 0.815042
  • raydiumRaydium (RAY) $ 1.66
  • jito-governance-tokenJito (JTO) $ 3.53
  • superfarmSuperVerse (SUPER) $ 0.944980
  • ravencoinRavencoin (RVN) $ 0.030908
  • pax-goldPAX Gold (PAXG) $ 2,295.40
  • cat-in-a-dogs-worldcat in a dogs world (MEW) $ 0.004694
  • 0x0x Protocol (ZRX) $ 0.493914
  • ethereum-pow-iouEthereumPoW (ETHW) $ 3.88
  • terra-luna-2Terra (LUNA) $ 0.603902
  • siacoinSiacoin (SC) $ 0.007231
  • compound-governance-tokenCompound (COMP) $ 59.75
  • skaleSKALE (SKL) $ 0.078891
  • aelfaelf (ELF) $ 0.559503
  • qtumQtum (QTUM) $ 3.77
  • polymeshPolymesh (POLYX) $ 0.373514
  • project-galaxyGalxe (GAL) $ 3.72
  • stader-ethxStader ETHx (ETHX) $ 3,190.45
  • safepalSafePal (SFP) $ 0.836709
  • origintrailOriginTrail (TRAC) $ 0.932527
Bitcoin

Hacker Exposes Leak of Two-Factor Authentication Codes

By admin
0 38

Hacker Exposes Leak of Two-Factor Authentication Codes

  beincrypto.com 1 h

Hacker Exposes Leak of Two-Factor Authentication Codes

A security researcher has discovered an unprotected database governing access to services from some of the world’s biggest tech companies. The database belongs to a short message service (SMS) routing operator responsible for sending two-factor authentication (2FA) codes to users of Meta, Google, and possibly crypto firms.

The researcher, Anurag Sen, found that the company’s YX International database was exposed without a password on the public internet. Anyone who knew the public internet protocol (IP) address could view the data.

Users Affected by Two-Factor Authentication Leak

YX International sends security codes to people logging into platforms belonging to Meta, Google, and TikTok. The company ensures that users’ messages are routed speedily through mobile networks across the globe. Among the messages it sends are security codes that form part of a two-factor authentication scheme many large companies use to protect user accounts.

Some service providers, like Google, can send an SMS code to verify a user’s authenticity after entering a password. Other authentication options include generating a code from an authenticator app to complement a password.

Hacker Exposes Leak of Two-Factor Authentication Codes

Red Box Shows Weak Point of SMS 2FA Authentication | Source: All Things Auth

While two-factor authentication seeks to improve security, it is not a silver bullet. Accordingly, crypto exchange Coinbase warns that 2FA is a minimum security measure, but it is not foolproof. Hackers can still find a way to steal funds from crypto wallets.

“While 2FA seeks to improve security, it is not foolproof. Hackers who acquire the authentication factors can still gain unauthorized access to accounts. Common ways to do so include phishing attacks, account recovery procedures, and malware. Hackers can also intercept text messages used in 2FA,” Coinbase said.

Criminals Are Using These Methods to Beat 2FA

Last year, reports of criminals bypassing 2FA on Apple devices emerged. A hacker could access Apple’s cloud platform, iCloud, and replace a user’s phone number with their own. The scheme risked the funds in crypto wallet apps on Apple devices since some applications could have sent authentication codes to compromised phone numbers.

Criminals can also use SIM swaps to enact two-factor authentication crypto scams. In this line of attack, criminals convince mobile operators like AT&T or Verizon to transfer a phone number from the rightful owner to the fraudster. After that, the criminal only needs one other piece of information to access a self-custodial wallet app owned by the true owner of the phone number.

Given the surge in quantum technology, Apple recently improved the security of its Secure Enclave hardware device embedded in iPhones. The post-quantum cryptography scheme creates new keys every time a malicious actor compromises an old one.

This feature could help crypto wallet developers improve their clients’ crypto security by storing critical information in the Secure Enclave. So far, at least one vendor has already used the Secure Enclave to grant access to their wallet app.

BeInCrypto contacted Binance, the world’s largest cryptocurrency exchange, and Coinbase for comment on whether the XY International data leak affected their users. Neither company had responded by press time.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Source

admin 6099 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.