AnsweredAssumed Answered

Chinese hacker group caught bypassing 2FA

Question asked by Gordon Mathias on Dec 24, 2019
Latest reply on Jan 8, 2020 by Erica Chalfin

Hello,

 

I've been going through the recent news articles that are making its round on the internet regarding bypass of 2FA using the RSA SecurID tokens. Articles below:-

 

https://resources.fox-it.com/rs/170-CAK-271/images/201912_Report_Operation_Wocao.pdf 

 

Chinese hacker group caught bypassing 2FA | ZDNet 

 

Questions:

 

1. Has RSA addressed these articles yet?

2. The report doesn't clearly state this but the thesis seems to imply that the STDID file based import is what is being exploited. I wanted to understand if the CT-KIP based distribution would also have the same impact?

 

Thank You,

Gordon

Outcomes