|
|
|
|
|
|
by r1ch
3613 days ago
|
|
|
Seems to be done with a mix of compromised (reused) credentials and social engineering. Social media accounts in particular are quite vulnerable to social engineering since they are often tied to mobile devices and it's fairly easy to contact a network operator and set up a forwarding number or request a new SIM card etc which completely bypasses most 2FA solutions. |
|
|