How Secure Are Your Social Media Accounts?

Are you confident that your social media accounts are safe from hackers? Think again. According to a recent study by eSentire, even users of the popular social media site X (formerly Twitter) with two-factor authentication set up are at risk of having their accounts hacked.

The researchers at eSentire’s Threat Research Unit (TRU) discovered that account takeover is still possible on X accounts, despite the use of security keys or passkeys. This means that X’s own security features are not foolproof and could be bypassed by hackers.

In addition to security keys or passkeys, X users have the option to use SMS codes or an authenticator application to access their accounts. However, hackers can easily bypass these methods through various means such as AiTM attacks, intercepting authentication codes, or SIM swapping.

It is not just regular users who are vulnerable to these attacks. Even high-profile individuals like Sydney Sweeney, Lara and Tiffany Trump, Metallica, and senior staff at McDonalds have fallen victim to X account takeovers. These attacks are often used to promote cryptocurrency scams or phishing links to their followers.

The Rise of Crypto-Driven Attacks

Spence Hutchinson, a TRU threat intelligence researcher, highlighted that many X accounts have been breached in recent months to promote cryptocurrency schemes. The use of authentication apps or SMS codes by X users actually weakens the security provided by security keys and passkeys.

While traditional 2FA methods offer some level of security improvement over passwords, they are no match for sophisticated modern phishing attacks like AiTM attacks, according to Hutchinson.

Beyond Social Media: The Vulnerability of Online Retailers and Software Services

It’s not just social media accounts that are at risk. TRU researchers discovered that software services and online retailers are also vulnerable to attacks through a technique called “authentication method redaction” (AMR).

By blocking the security or passkey option on a site, hackers can force users to sign in with just an email address and password. To improve security, TRU recommends using stronger protections like passkeys or FIDO2 hardware authenticators and disabling insecure MFA access methods.

Don Tait, a senior analyst for identity cybersecurity at Omdia, emphasized the importance of having a robust and secure authentication posture to prevent breaches. Not all authentication methods are created equal, so using the best available methods is crucial to minimize the risk of being hacked.

Are you taking the necessary steps to protect your online accounts? Stay informed and stay safe online!