Y
Hacker News
new
|
ask
|
show
|
jobs
by
gruez
2565 days ago
If the attacker manages to get malware on the mac, they can also wait for you to do a login, and steal your 2fa code as you enter it.
1 comments
ViViDboarder
2565 days ago
Or just steal your session tokens. Not all apps are secure enough to prevent session roaming.
link
dwaite
2565 days ago
Or just remote drive your session. Token exfiltration isn't required if you can do XSS or say script injection via browser extensions (and exfiltration is more likely to hit anomaly/fraud detection)
link