Trustwave Uncovers Web Extension that Circumvents 2FA to Expolit User Funds
Why Trust UsAt Coinfomania, we prioritize accuracy, transparency, and reliability. Our expert team consistently provides the most recent cryptocurrency news and developments. All information is thoroughly researched and unbiased, ensuring you make informed decisions. Trust us for comprehensive and well-analyzed crypto news, guides, and insights.
New research from cyber security company Trustwave SpiderLab has shown that cybercriminals now have a new Chromium-based browser extension used to bypass two-factor authentication and exploit crypto users. Cyber hackers use the extension, Rilide, to monitor users’ web activities, take screenshots, and inject scripts enabling them to hack users.
Although Trustwave did not find the origin of Rilide, the cybersecurity firm disclosed that it uncovered the software after black hat hackers leaked part of its code due to a feud between black hat hackers over unresolved payments in a private group.
The malicious two-factor authentication sidestepper is the first of its kind reported. Hackers in the past have used several techniques, like using flash loans to borrow from exchanges and using a bug to mint unlimited tokens in the network. The new Rilide software highlights the height of tech sophistication hackers can employ to perpetuate cyber crimes.
Rilide Bypasses 2FA
Rilide overrides two-factor verification by creating a false interface that tricks victims into inputting their one-time password in the software. Once this is achieved, the extension gains access to the user’s wallet and siphons cash to the hacker.
The malware models the authentication box to counterfeit any exchange’s email verification interface, thus making it hard to decipher for victims. Rilide processes the transaction automatically after receiving the authentication code.
Software Matches User Web Content with C2
Once installed, the Rilide works in a unique way that makes hacking easy for the exploiter. It attaches a monitor that keeps tabs on the victim’s web windows and content, consistently comparing it with the command and control (C2) server to see if it matches a list of its target information.
Once the list of activities matches the intended information needed, Rilide will inject an additional script to steal relevant user credentials and exploit the user. The extension can also feed on the victim’s web history and take screenshots
- Crypto Price Update July 24: BTC Maintains $66K, ETH at $3.4K, XRP, TON, and ADA Rallies
- Bitcoin Falls to $65K as Mt. Gox Transfers $2.8 Billion BTC to External Wallet
- News of Marathon Digital’s $138 Million Fine for Breach of Non-Disclosure Agreement Triggers a Bearish 2.5% of Its MARA Stock
- Are $530M Bitcoin ETF Inflows a Blessing or Caution?
- Metaplanet Teams with Hoseki for Real-Time Bitcoin Holdings Verification
- Building Secure Blockchain Systems: An Exclusive Interview with ARPA and Bella Protocol CEO Felix Xu
- Building The “De-Facto Crypto Trading Terminal”: An Exclusive Interview with Aurox CEO Giorgi Khazaradze
- Building a New Global Financial System: An Exclusive Interview With Tyler Wallace, Analytics Head at TrustToken
- “Solana is the Promised Land for Blockchain” — An Exclusive Interview with Solend Founder Rooter
- El Salvador: Where The Bitcoin Revolution Begins With A Legal Tender
Elendu Benedict
Related Posts
Jul 22, 2022
American Film Producer Pleads Guilty to $2.5M FLiK and CoinSpark ICO Fraud
sidebar
