To all the people telling me this will never happen, and I should stop trash talking 2FA (TOTP, SMS, etc *not* U2F). Please read this, then kindly apologise. https://twitter.com/josephfcox/status/1075391745502924801 …
-
This Tweet is unavailable.
-
Replying to @taviso
Doesn’t seem like the 2FA phishing portion would work if the person is using an authenticator app on the phone with a OTP
1 reply 0 retweets 1 like -
Replying to @jerryrivas
It would work, TOTP, HOTP, SMS, all similar schemes are vulnerable to the same attack. Use U2F instead.
2 replies 0 retweets 4 likes -
Replying to @MarcoErmini @jerryrivas
Yes, they are. Read through the attack again.
5:03 AM - 20 Dec 2018
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.