Well-known multi-factor authenticator Authy hacked

Authy is one of the most well-known multi-factor authentication tools and is used by many users because of its support for account systems and cloud synchronization. In the past, when there was only Google Authenticator, Google did not support synchronization but was purely offline. Loss of the mobile phone or data damage will cause all accounts to be unable to log in. Authy solves this pain point.
Of course, now password managers, Google, Microsoft, and Apple have launched multi-factor authentication functions, so the number of users for Authy is naturally getting lower and lower.

Twilio disclosed last week that the threat actors managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service.

According to an announcement released by Authy developer Twilio, the Authy developer’s mobile phone number was leaked from somewhere. The hacker pretended to be the IT department and sent a phishing text message to the engineer.

After seeing the text message, the Authy developer clicked the link and then went to the fake Twilio website, submitted his account and old password, and basically did not need to talk about it later.

Twilio noted its investigation as of August 24, 2022, turned up 163 affected customers, up from 125 it reported on August 10, whose accounts it said were hacked for a limited period of time.

Authy supports multi-device synchronization and simultaneous login. Hackers use user information to add additional login devices to obtain all the multi-factor verification codes of the target account.

At present, Twilio is still investigating the security incident, and affected users will receive emails from Authy.