18 New Mobile MFA Bypass Exploits
March 21st, 2023 |
Researchers have discovered at least 18 vulnerabilities affecting Exynos modems used in multiple versions of Samsung, Pixel and Google smartphones. These flaws can be exploited to gain access to personal and confidential data on the mobile device, but also to use the access to steal MFA codes to gain privileged access to applications.
These vulnerabilities empower hackers to covertly gain access to these smartphones. 4 out of 18 of the security flaws allow hackers to compromise the phone remotely using just the victim’s phone number.
It’s important to note that attackers would need some privileged access to a mobile network operator or local access to the device to exploit them. Previous reports show that plants or recruited bad actors withinb Service Providers have been assisting malicious threat actors in installing malware on victim devices for some time now.
These critical exploits are covered in CVE-2023-24033.
Acreto Ecosystem security is technology for any IP based assets, including mobile phones and tablets. This includes access control, isolation and full inline threat prevention.
Moreover, Acreto delivers uniform and consistent security for all of an organization’s technologies regardless of the type of technology, location, connected network or ownership.
This includes:
|
Access Technologies Organization or BYOD Devices – Mobile Phones & Tablets – Internet-of-Things (IoT) – Internet-of-Medical Devices (IoMD) Offices Third-Party |
Application Delivery Technologies Data Centers Clouds SaaS Applications |
About Acreto
Acreto delivers full-stack cybersecurity without products, logistics or significant security expertise. It creates and consolidates the best of cybersecurity into a single plug-and-play platform with automated updates to stay ahead of threats. Acreto activates enterprise-grade security instantly, so organizations can run safely, easily, and without interruption.