A new cybersecurity threat is putting billions of Gmail, Outlook, AOL, and Yahoo users at risk. Despite the added security of two-factor authentication (2FA), a newly discovered attack method can completely bypass these protections, leaving accounts vulnerable to hackers.
How the Attack Works
This alarming threat has been uncovered by cybersecurity firm SlashNext, which recently published a report on a phishing kit known as Astaroth. Unlike traditional phishing attacks that rely on fake login pages, Astaroth uses a man-in-the-middle (MITM) technique to intercept login credentials, authentication tokens, and session cookies in real time. This means attackers can take over accounts even if 2FA is enabled.
What Makes This Attack So Dangerous?
Astaroth stands out because it doesn’t just steal usernames and passwords—it also captures 2FA codes and session cookies as they are generated. Using a reverse proxy mechanism, the attack allows hackers to bypass 2FA defenses with unprecedented speed and accuracy.
In contrast to conventional phishing attacks that depend on static fake login pages, this sophisticated method dynamically intercepts authentication data in real time, making older security measures largely ineffective.
How the Attack Begins
Like most phishing schemes, this attack starts with a malicious link—often sent via email, text, or social media. Once clicked, the link redirects the victim to a fraudulent website that perfectly mimics a legitimate login page, such as Google or Outlook.
Because the site looks authentic and does not trigger security warnings, users are tricked into entering their credentials. The MITM attack then captures this information in real time, passing it to the real website in the background to maintain the illusion of legitimacy.
Why 2FA Isn’t Enough
Normally, 2FA is an effective security measure. However, Astaroth automatically captures any 2FA codes entered by the victim. These stolen tokens are immediately sent to the attacker through a web panel and Telegram notifications, allowing them to log in just as the victim would.
Furthermore, the attack doesn’t stop at credentials and 2FA codes—it also steals session cookies from the user’s browser. With these cookies, attackers can replicate an authenticated session on their own devices, eliminating the need to log in again. Although security updates are being developed to combat session hijacking, this remains a significant threat.
How to Stay Safe
The good news is that this attack is completely avoidable if users follow basic security precautions:
- Never click on unknown links in emails, texts, or social media messages.
- Always verify URLs before entering login credentials.
- Use a password manager: it autofills credentials only on the exact domain they were saved for, so a refusal to fill on a lookalike site is a warning sign.
- Enable passkeys or hardware security keys, which offer stronger protection than 2FA codes because the credential is bound to the legitimate site's origin and cannot be relayed through a lookalike proxy site.
- Monitor account activity regularly for unauthorized access.
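To make concrete why a reverse-proxy phishing site can forward a 2FA code but not a passkey, here is an added illustration written for this article; it is not SlashNext's code, not the Astaroth kit, and every secret, origin and challenge value in it is constructed. It models the real site (the "relying party") verifying two factors: an RFC 6238 TOTP code, which is just a six-digit string the site cannot trace to a page, and a WebAuthn-style assertion, where the browser stamps the actual page origin into the signed client data. HMAC stands in for the authenticator's ECDSA signature, and only the server-side checks are modelled; a real browser would additionally refuse to use the passkey at all when the site's RP ID is not a registrable suffix of the page's domain.

```python
import hashlib
import hmac
import json
import struct

# Constructed sample values (not taken from the article or any real service).
LEGIT_ORIGIN = "https://login.example.com"
LOOKALIKE_ORIGIN = "https://login.example-com.invalid"  # attacker-controlled proxy site
RP_ID = "example.com"
TOTP_SECRET = b"constructed-shared-totp-secret"      # shared with the victim's authenticator app
CRED_SECRET = b"constructed-passkey-private-key"     # stands in for the passkey's ECDSA private key
CHALLENGE = "constructed-random-challenge-42"        # nonce the real site issues per login


def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), as the victim's authenticator app computes it."""
    counter = struct.pack(">Q", now // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def rp_verify_totp(submitted: str, now: int) -> bool:
    """The real site only sees a six-digit string; nothing in it says which page collected it."""
    return hmac.compare_digest(submitted, totp(TOTP_SECRET, now))


def totp_relayed_by_proxy(now: int) -> bool:
    """Victim types the code into the lookalike page; the proxy forwards it verbatim. It verifies."""
    forwarded = totp(TOTP_SECRET, now)
    return rp_verify_totp(forwarded, now)


def browser_build_client_data(challenge: str, page_origin: str) -> bytes:
    """clientDataJSON is built by the browser, not by the page, so it carries the page's true origin."""
    payload = {"type": "webauthn.get", "challenge": challenge, "origin": page_origin}
    return json.dumps(payload, sort_keys=True).encode()


def authenticator_sign(client_data: bytes) -> tuple[bytes, bytes]:
    """Sign rpIdHash || sha256(clientDataJSON); the origin is therefore covered by the signature."""
    auth_data = hashlib.sha256(RP_ID.encode()).digest()
    sig = hmac.new(CRED_SECRET, auth_data + hashlib.sha256(client_data).digest(), hashlib.sha256).digest()
    return auth_data, sig


def rp_verify_webauthn(challenge: str, client_data: bytes, auth_data: bytes, sig: bytes) -> tuple[bool, str]:
    """Relying-party checks in the order a real server performs them."""
    data = json.loads(client_data)
    if data.get("challenge") != challenge:
        return False, "challenge mismatch"
    if data.get("origin") != LEGIT_ORIGIN:
        return False, f"origin mismatch: {data.get('origin')}"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    expected = hmac.new(CRED_SECRET, auth_data + hashlib.sha256(client_data).digest(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return False, "bad signature"
    return True, "ok"


def passkey_login(page_origin: str) -> tuple[bool, str]:
    """Victim completes the passkey ceremony on `page_origin`; the assertion is forwarded unchanged."""
    client_data = browser_build_client_data(CHALLENGE, page_origin)
    auth_data, sig = authenticator_sign(client_data)
    return rp_verify_webauthn(CHALLENGE, client_data, auth_data, sig)


def passkey_login_with_rewritten_origin() -> tuple[bool, str]:
    """If the proxy edits the origin field to look legitimate, the signature no longer matches."""
    client_data = browser_build_client_data(CHALLENGE, LOOKALIKE_ORIGIN)
    auth_data, sig = authenticator_sign(client_data)
    rewritten = client_data.replace(LOOKALIKE_ORIGIN.encode(), LEGIT_ORIGIN.encode())
    return rp_verify_webauthn(CHALLENGE, rewritten, auth_data, sig)


if __name__ == "__main__":
    print("TOTP relayed through proxy accepted:", totp_relayed_by_proxy(1_700_000_000))
    print("Passkey on legitimate origin:", passkey_login(LEGIT_ORIGIN))
    print("Passkey on lookalike origin:", passkey_login(LOOKALIKE_ORIGIN))
    print("Passkey with origin rewritten by proxy:", passkey_login_with_rewritten_origin())
```

The contrast is the whole point: the TOTP check passes regardless of where the code was typed, while the passkey assertion fails on the origin check when the ceremony ran on the lookalike site, and fails on the signature check if the proxy tries to patch the origin afterwards. The same origin binding is what makes a password manager's autofill refusal on a lookalike domain a useful signal.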
Cybercriminals are constantly developing new ways to exploit security measures, but staying informed and vigilant can help keep your accounts safe. Avoid suspicious links, use strong authentication methods, and always double-check where you’re entering your credentials.