How Threat Actors Bypass FIDO2 MFA in the PoisonSeed Phishing Attack: What You Need to Know

Admin

The PoisonSeed phishing campaign is shaking up online security by getting past standard FIDO2 protections without breaking them. It does this by misusing the cross-device sign-in feature in WebAuthn, tricking users into approving login requests that actually belong to the attacker.

Known for its aggressive tactics, PoisonSeed often targets financial accounts. In previous attacks, they distributed emails with crypto seed phrases that led to drained wallets.

A recent report from Expel shows how the PoisonSeed actors don’t exploit vulnerabilities in FIDO2 security but leverage its legitimate features. This is both alarming and eye-opening for many users.

Cross-device authentication allows a user to sign in on one device using a passkey or authenticator app held on another device, typically by scanning a QR code with a phone that then completes the sign-in over Bluetooth, rather than plugging a physical key into the device being signed in to. This convenience is what the attackers manipulate.

In the attack, users are led to fake sites that mimic real corporate portals, such as Okta or Microsoft 365 login pages. When a user enters their credentials, the attackers relay them to the real site in real time.

Instead of letting the user complete multi-factor authentication with their physical FIDO2 key, the phishing backend initiates a cross-device authentication flow on the legitimate site. The legitimate site then generates a QR code, which is relayed back to the phishing page and displayed to the user. When the user scans it with their phone, they unwittingly approve the attacker’s login session.

By using this technique, PoisonSeed bypasses key security features. As Expel clarified, they’re not exploiting a flaw but misusing a built-in feature.

To help users stay safe, experts suggest a few strategies:

  • Restrict logins by geographic location, and require users to register in advance before they can sign in from a remote location.
  • Regularly review newly registered FIDO keys, especially those registered from unfamiliar locations or from unfamiliar authenticator brands.
  • Strictly require Bluetooth proximity during cross-device authentication, so that the phone completing the sign-in has to be physically near the device requesting it.
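The first two suggestions above can be turned into a simple review over an identity provider's WebAuthn audit log. The following is an added example and is not code from the article or from Expel; the log field names (`type`, `country`, `transport`, `aaguid`, `credential_id`) are assumptions to be mapped onto whatever your IdP actually emits, the sample records are constructed, and the transport values follow WebAuthn's transport names (`internal`, `usb`, `hybrid`, where `hybrid` is the cross-device, QR-code-plus-Bluetooth flow). It flags sign-ins from outside the permitted regions, cross-device sign-ins, new key registrations from unfamiliar places or unknown authenticator models (the AAGUID identifies the model), and later sign-ins that use a key whose registration was already flagged, which also covers the post-hijack key registration the article mentions below.

```python
"""Review FIDO2/WebAuthn audit events for the warning signs of a cross-device phishing flow."""
import json

# Constructed sample audit log (JSON lines). Not real data; field names are assumptions.
SAMPLE_LOG = """\
{"ts": "2025-07-01T09:00:00Z", "type": "webauthn.assert", "user": "alice", "country": "US", "transport": "internal", "credential_id": "cred-alice-1"}
{"ts": "2025-07-01T09:05:00Z", "type": "webauthn.assert", "user": "alice", "country": "NL", "transport": "hybrid", "credential_id": "cred-alice-1"}
{"ts": "2025-07-01T10:00:00Z", "type": "webauthn.register", "user": "bob", "country": "US", "aaguid": "aaguid-vendor-a", "credential_id": "cred-bob-2"}
{"ts": "2025-07-01T10:30:00Z", "type": "webauthn.register", "user": "bob", "country": "BR", "aaguid": "aaguid-unknown", "credential_id": "cred-bob-3"}
{"ts": "2025-07-01T11:00:00Z", "type": "webauthn.assert", "user": "bob", "country": "BR", "transport": "usb", "credential_id": "cred-bob-3"}
{"ts": "2025-07-01T12:00:00Z", "type": "webauthn.assert", "user": "carol", "country": "US", "transport": "hybrid", "credential_id": "cred-carol-1"}
"""

# Policy inputs (assumed values): countries where sign-in is permitted without prior
# registration, and the AAGUIDs of the authenticator models the organisation issues.
ALLOWED_COUNTRIES = {"US"}
KNOWN_AAGUIDS = {"aaguid-vendor-a"}


def parse_events(text):
    """Parse JSON-lines audit text into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def audit_events(events, allowed_countries=ALLOWED_COUNTRIES, known_aaguids=KNOWN_AAGUIDS):
    """Return (severity, user, reason) findings in log order.

    Two or more independent warning signs on one event raise it to "high";
    a single sign (for example a hybrid sign-in from an allowed country) is "medium"
    so it can be reviewed or tuned out.
    """
    findings = []
    suspect_creds = set()  # credential IDs whose registration was itself flagged

    for ev in events:
        kind = ev.get("type")
        reasons = []

        if kind == "webauthn.register":
            if ev["country"] not in allowed_countries:
                reasons.append(f"registered from {ev['country']}")
            if ev.get("aaguid") not in known_aaguids:
                reasons.append(f"unknown authenticator model {ev.get('aaguid')}")
            if reasons:
                suspect_creds.add(ev["credential_id"])
                severity = "high" if len(reasons) >= 2 else "medium"
                findings.append((severity, ev["user"], "new FIDO key: " + "; ".join(reasons)))

        elif kind == "webauthn.assert":
            if ev["country"] not in allowed_countries:
                reasons.append(f"sign-in from {ev['country']}")
            if ev.get("transport") == "hybrid":
                reasons.append("cross-device (hybrid) transport")
            if ev["credential_id"] in suspect_creds:
                reasons.append(f"key {ev['credential_id']} was flagged at registration")
            if reasons:
                severity = "high" if len(reasons) >= 2 else "medium"
                findings.append((severity, ev["user"], "; ".join(reasons)))

    return findings


if __name__ == "__main__":
    for severity, user, reason in audit_events(parse_events(SAMPLE_LOG)):
        print(f"[{severity}] {user}: {reason}")
```

On the constructed log this yields four findings: alice's hybrid sign-in from NL, bob's key registered from BR with an unknown AAGUID, bob's subsequent sign-in with that flagged key, and carol's hybrid sign-in from an allowed country at medium severity. The geographic and AAGUID allow-lists are deliberately simple; in practice they would be fed from the IdP's device inventory and travel registrations.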

Interestingly, there was another case in which an attacker registered their own FIDO key after hijacking an account. This incident underscores how clever and persistent cybercriminals can be, often discovering new methods to outsmart security measures.

Overall, the PoisonSeed campaign showcases a worrying trend in phishing tactics. As security evolves, so do the methods used by attackers. Staying informed and vigilant is essential to avoid falling victim to these schemes.