|
|
|
|
|
|
by amypetrik8
195 days ago
|
|
|
Most likely victims did not use 2FA. In the hypothetical that they did and he were a strong hacker, he could possibly cook up a man in the middle attack - victim provides username, password, and 2FA. Man in the middle uses them to login on behalf of the victim, saves a copy of "remember this computer" type cookies, passes it all back to the victim transparently. That would be a lot harder to implement than a basic username/password phishing site however. |
|
|