2FA
Search documents
X @Cointelegraph
Cointelegraph· 2025-09-26 02:00
🚨 ALERT: New sophisticated phishing attack targeting crypto influencers on X bypasses 2FA by exploiting X's app authorization system.Attackers use fake Google Calendar links that redirect to malicious apps requesting account access. Do not click unexpected links in DMs and do not approve app authorizations from unknown sources. ...
X @PlanB
PlanB· 2025-07-11 15:20
Security Breach Incident - A prominent Twitter (now X) user's ProtonMail account, `100trillionusd@protonmail`, was hacked, raising concerns about email security [3] - The hacker gained access by exploiting the password recovery process, indicating a targeted attack with specific knowledge of the account [2] - Minimal damage was reported due to Proton's encryption of email content and attachments, limiting the hacker's access to email addresses and subjects [1] User Security Practices - The user acknowledges the lack of 2FA (Two-Factor Authentication) on the compromised email account as a contributing factor [3] - The user had 2FA enabled on social media and exchange accounts, but not on this particular, older email account [3] Impact and Response - The user warned contacts to assume their email addresses and emails were compromised if they had communicated with the hacked account since July 5 [3] - The user plans to discontinue using ProtonMail in the future [4] - Proton acted swiftly to freeze the account upon notification, preventing further unauthorized access [1] Industry Implications - The incident highlights the importance of enabling 2FA on all accounts, including email, to enhance security [3] - The attack underscores the potential vulnerabilities in password recovery processes and the need for robust security measures by email providers [2]