Phishing Campaign: 1, 2FA: 0

Two Factor Authentication or 2FA is good extra protection against breaches or hacks. But this week’s hack shows not all forms of 2FA are foolproof, read on for which 2FA is most secure.

Certfa, a cyber-security firm, reported earlier this week that Iranian hackers deployed a spear phishing campaign dubbed “The Return of the Charming Kitten”, because their tactics mirror an earlier group of Iranian hackers called Charming Kitten.

This campaign targeted American politicians, human rights activists, and other figures connected to the economic sanctions against Iran that started November 4, 2018.

This hack fulfills some threat predictions for 2019 that more cyber attacks will be mounted against nations and there might even be cause for an interstate dialogue of what cyber attacks are off limits– just like rules of war.  

These hacks send fake alerts to make their targets think their accounts have been breached elsewhere. The targets then enter their email information and their 2FA to let the hacker in. This group has set up more than 20 domains to do so between September and November 2018.


Keep in mind SMS two factor authentication leaves you vulnerable to man in the middle attacks.  

The hackers have formatted this content for Yahoo! and Gmail platforms, both mobile and desktop. To bypass Gmail’s antiphishing system the attackers send these notifications in image form instead of text form, using something like the below image:

This Charming Kitten attack was targeting high level state actors, but that doesn’t mean there aren’t things to learn for the rest of us:

– Do not use 2 Factor Authentication that relies on text messages alone, use 2FA with an application like Google Authenticator

– Don’t store sensitive information in your normal email inbox

– Just because it says HTTPS doesn’t mean you can trust it, click here to see why

Leave Comment

Your email address will not be published.