[mike-cardwell]

Depends on the type of 2FA. If it's using U2F, then you'd be fine as that is tied to the domain name of the site you're on, but if it's using TOTP/HOTP (i.e. Google Authenticator), and the phishing site asked you for your 2FA code, and you gave it, then you would still be successfully phished.

[thomasahle]

Is the difference here that TOTP/HOTP is entered by the user, while U2F is entered automatically?

[mike-cardwell]

Yes. With U2F the recipient of the token is verified by a machine. With TOTP/HOTP it is verified by the user looking at the browser address bar.

[Niten]

Not entirely. The important difference is that instead of generating a secret on the token and passing it to the server, U2F has the token answer a challenge issued by the server and encrypted to the token's (per-domain) public key, stored by the server at token registration time.

The corresponding private key is stored on the token indexed in part by the requesting domain, which is supplied by the browser during an auth request. It is because of browser participation that a MITM domain would not be able to ask the token to answer the challenge with the correct key handle.

The actual implementation can differ from what's described above, see Yubico's description of their key wrapping scheme if you want more detail:

https://www.yubico.com/2014/11/yubicos-u2f-key-wrapping/

[microtonal]

Besides what mike-cardwell says, TOTP relies on a shared secret, while U2F uses challenge response authentication. Even if a MITM captures the (encrypted) challenge-response sequence, a new authentication requires a new challenge-response.