In June, hackers managed to break into employee accounts on the social news platform Reddit.
Users' email addresses and a backup from 2007, which sometimes included obscured passwords, were stolen. Multi-factor authentication (MFA) revealed vulnerabilities, allowing hackers to intercept the authentication code transmitted via SMS.
Weak points of multi-factor authentication?
The code sent is intended to ensure that the person who claims to do so actually logs in. In principle, TÜV AUSTRIA always recommends the use of multi-factor authentication (MFA). This prevents the takeover of an account by knowing only one factor such as the password.
“However, this latest example highlights possible vulnerabilities in some forms of multi-factor authentication,”
admits TÜV AUSTRIA expert Hendrik Dettmer.
The complexity of attacks increases significantly
Attackers could specifically locate cell phone numbers in order to use them with specific attack methods.
“Hackers would, for example, try to order a second SIM card,”
Dettmer describes the theoretical process, which, however, significantly increases the complexity of an attack.
Multi-factor authentication and balancing of security measures
“The Reddit case shows that using more than one factor is at least associated with greater effort for the attacker,”
summarizes Hendrik Dettmer and emphasizes that MFA is therefore recommended for most applications. In any case, TÜV AUSTRIA advises that for critical applications, the security of the factors used should be weighed up with IT security experts.
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

