April 16 2025:

Recently reported by Deeba Ahmed at Hackread.com, A Russian hacker group called Storm-2372 has figured out a new way to break into online accounts, even when those accounts are protected with Multi-Factor Authentication (MFA)—a security method that usually makes hacking much harder.

They’re using a sneaky method called device code phishing, which tricks people into giving access without needing a password.

How it works:
Normally, when you log into apps on things like smart TVs, you’re given a code to enter on a website to sign in.

The hackers send fake emails or texts pretending to be from trusted services (like Microsoft), asking people to enter a code.

The website they send you to looks real, but it’s fake.

When you enter the code, the hackers get access to your account—without triggering any alarms.

These attacks are hard to detect, and once in, the hackers can stay in your account for up to three months.

• They’re mainly targeting big organizations like:
• Government agencies
• Tech companies
• Banks
• Defense and healthcare companies
• Media outlets

Countries hit include the U.S., U.K., Ukraine, Germany, Canada, and Australia.

Bottom line:
Even strong security tools like MFA can be bypassed if people are tricked. Companies need smarter, more advanced protection that can tell when something suspicious is happening.

Bob Azzarello, CC (ISC)2

WeKnowCyber.com

Citation: https://hackread.com/russia-storm-2372-hit-mfa-bypass-device-code-phishing/

Related Articles

Why You Need Multi-Factor Authentication (MFA) Now

Securing Social Media Accounts