Acquired by Ripple in early September, the Fort trust acknowledged a $15 million (R$72 million) hack last week. The company claimed its systems were intact and blamed a third-party supplier.
That is such a supplier Re-equip. In a note published on Wednesday (13), the company also blamed a third party: Googling.
While she admits that an employee fell victim to a phishing scam late last month, she also claims that there is a new backup feature Google Authenticator contributed to the million-dollar hack that targeted several companies in the cryptocurrency sector.
The criticized Google Authenticator backup
In April this year, Google announced that Authenticator, its two-factor authentication (2FA) application, was getting a new feature. This allowed users to store this data in the cloud by simply logging in to access it.
This new feature was considered a major security hole by several people. Binance, the world’s largest cryptocurrency broker, was among the first to ask its users to disable this option, noting that the convenience did not justify the risk.
After all, if your Google account were hacked, hackers would have full access to all 2FA codes found in the application.
Fortress Trust blames Retool
In remark Published on September 7, Fortress Trust stated that its customers were hit by an attack targeting its service provider.
“Last week, 4 Fortress customers were affected by a third-party vendor whose cloud tools were compromised”the company writes on Twitter. “We immediately ended vendor onboarding and suspended all accounts as a precaution to evaluate and ensure the security of the entire system.”
Although the tweet also stated that no money had been lost, Fortress founder Scott Purcell told Fortune the following week that his company lost between R$58 and R$72 million (US$12 to 15 million) from the attack ) lost.
Retool blames new Google feature
On Wednesday (13), Snir Kodesh, head of engineering at Retool, assumed that his company had fallen victim to a phishing attack at the end of August. The attack affected 27 Retool customer companies, including Fortress Trust.
According to the report, several Retool employees were targeted by social engineering. In the messages, the hackers posed as customers of the company and asked employees to access a link to fix an issue in their systems.
Although almost all employees ignored the messages, one of them eventually fell for the scam. After logging into the fake portal, the employee received a call and passed an additional two-factor authentication code to the attacker.
“This allowed them to have an active GSuite session on that device”says Kodesh. “Google recently launched the Google Authenticator sync feature that syncs MFA (multi-factor authentication) codes to the cloud. This is very insecure because if your Google account is hacked, so are your MFA codes.”
“Unfortunately, Google uses shady standards to convince you to sync your MFA codes to the cloud, and our employee actually enabled this ‘feature’.”
Finally, Retool’s director points out that hackers gained access to the company’s internal VPN and administration systems, allowing them to take control of several client company accounts, all in the cryptocurrency industry.
The community is responding to the hack and calling for more decentralization
Via social media, Jameson Lopp, Bitcoin developer said, remembered that Scott Purcell, founder of Trust Fortress, also founded Prime Trust, a company that went bankrupt last month.
“What a burning dumpster fire. I can’t believe anyone trusted them after they broke the Prime Trust.”
Mike Belshe, CEO of BitGo, published one long text about Fortress’ position, which tried to hide what happened initially. Although his company is also centralized, the director points out that he will continue to fight to eliminate human involvement, and ensure that the financial system does not depend on anyone’s integrity.
“This is the whole situation and this is exactly why we need decentralization”Belshe noted, noting that his company is not connected to what happened. “We cannot continue to depend on the honesty of savers, bankers or ‘trusted third parties’ who act with integrity when bad things happen.”
“Bad things are going to happen, and most people don’t have enough courage to be honest about it.”
While users can avoid third-party services by keeping their investments in their own wallets, security holes like Google Authenticator’s cloud backup require attention. In closing, Snir Kodesh, director at Retool, once again mentioned the dangers of this new feature.
“The fact that Google Authenticator syncs with the cloud is a new attack vector.”
“What we originally implemented was multi-factor authentication, but with this update from Google, what was once multi-factor authentication has quietly become single-factor authentication.”Kodesh concluded.
Follow Livecoins on Google News.
Like on Facebook, Tweet and Instagram.
Source: Live Coins
Barry Siefert is an accomplished journalist and author at The Nation View. He is known for his expertise in the field of cryptocurrency, and has written extensively on the topic. With a background in finance and economics, Barry has a deep understanding of the underlying technology and market forces that drive the crypto industry.
