This produces an exciting new breakthrough that has the potential to revolutionize all fields of cybersecurity. Unfortunately, researchers also recently found a new hacking technique, PoisonSeed, which allows cybercriminals to undermine FIDO keys. This technique uses QR phishing and cross-device sign-in abuse to gain access to user accounts. The report’s results highlight the ongoing shift of cybersecurity threats toward more dangerous and costly tactics and the importance of remaining vigilant when protecting sensitive data.
Cybersecurity is growing in importance because the computer systems and networks it protects underpin everything from government to commerce. It protects sensitive data from cyber threats, including phishing, ransomware, and denial-of-service (DoS) attacks. Even as attackers quickly evolve their tactics, they still take advantage of gaps in defenses and rely on prevalent social engineering techniques to bypass security controls. The new research is a reminder of the need to remain vigilant against these old threats in new forms.
QR code phishing has become a favored tool of bad actors. By tricking users into scanning malicious QR codes, attackers can still gain access to accounts tied to FIDO keys. Cross-device sign-in adds yet another layer of complexity: it lets users authenticate on a device that has no passkey by using a second device that holds the cryptographic key.
FIDO security keys are a form of security-first authentication, requiring users to prove their identity with additional verification methods. FIDO keys are vulnerable to the PoisonSeed technique, which allows attackers to bypass these security measures. Researchers Ben Nahorney and Brandon Overstreet have been at the forefront of studying these threats, emphasizing that “the attacker does this by taking advantage of cross-device sign-in features available with FIDO keys.”
The implications of these findings are profound. Cybersecurity matters here because it protects sensitive information and guards against breach-related financial losses. Expel, a cybersecurity firm, commented on the technique, stating, “In the case of this attack, the bad actors have entered the correct username and password and requested cross-device sign-in.”
As cyber threats adapt and become more complex, defending against them requires additional layers of security. Using authenticator apps on mobile devices can add a layer of protection against unauthorized access. Experts caution that scanning QR codes with these apps can still leave users open to threats.
Cybersecurity threats are constantly changing, making it imperative for individuals and organizations to remain informed about the latest developments and protective measures. Websites like Google News, Twitter, and LinkedIn can all be powerful tools to help you keep track of breaking cybersecurity news.
“AitM attacks against FIDO keys and attacker-controlled FIDO keys are just the latest in a long line of examples where bad actors and defenders up the ante in the fight to compromise/protect user accounts.” – researchers