Phishers have found a way to downgrade—not bypass—FIDO MFA
Phishers have discovered a way to downgrade, not bypass, FIDO (Fast Identity Online) multifactor authentication (MFA) protections, as reported by security firm Expel. This attack involves tricking users into entering their credentials on a fake login page linked in an email, ultimately leading to unauthorized access to accounts. While FIDO is known for its resistance to credential phishing attacks, this new technique manipulates the MFA process to a weaker, non-FIDO-based method, making it a FIDO downgrade attack. The attack, attributed to a group named PoisonSeed, highlights the evolving tactics of cybercriminals in compromising user security.
Ars Technica•