Close Menu
Alpha Leaders
  • Home
  • News
  • Leadership
  • Entrepreneurs
  • Business
  • Living
  • Innovation
  • More
    • Money & Finance
    • Web Stories
    • Global
    • Press Release
What's On
AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

1 July 2026
Henry Ford, Steve Jobs, William Boeing: The Fortune 500 founders who are the children of immigrants

Henry Ford, Steve Jobs, William Boeing: The Fortune 500 founders who are the children of immigrants

1 July 2026
See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

1 July 2026
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
Alpha Leaders
newsletter
  • Home
  • News
  • Leadership
  • Entrepreneurs
  • Business
  • Living
  • Innovation
  • More
    • Money & Finance
    • Web Stories
    • Global
    • Press Release
Alpha Leaders
Home » 2FA Code Warning As Hackers Steal 17 Billion Cookies To Use In Attacks
Innovation

2FA Code Warning As Hackers Steal 17 Billion Cookies To Use In Attacks

Press RoomBy Press Room19 March 20253 Mins Read
Facebook Twitter Copy Link Pinterest LinkedIn Tumblr Email WhatsApp
2FA Code Warning As Hackers Steal 17 Billion Cookies To Use In Attacks

Whenever there is talk of hackers compromising services, be that in the form of Gmail lockout attacks, those that use infostealer malware, for ransomware threat actors brute-forcing passwords to firewalls and VPNs, you can bet your bottom dollar that the mitigation advice will include enabling two-factor authentication for all your accounts. But what if the hackers had a way around that? What if the hackers could bypass the 2FA code requirement and compromise your account anyway? Well, about that…

The Threat To 2FA Code Security Explained

Two-factor authentication is, without a shadow of a doubt, a necessity given the current threat landscape where infostealers rule supreme. If you are not using passkeys already, then your passwords are the weak spot that hackers will attack. Heck, most of the time, the hard work has already been done for them with infostealer logs compiled and sold on criminal marketplaces and dark web forums. All they then have to do is feed those passwords into a brute-force attack against accounts, and if, like 50% of users, you use the same credentials for multiple sites and services, well, you’re screwed. Unless that is, you have 2FA enabled, which acts as a nightclub doorman protecting the entrance to your account: if your 2FA code isn’t on the list, then you are not coming in. So far, so good. Now comes the bad news.

2FA bypass is a reality. Attackers don’t need your 2FA code to gain access to your account; what they use instead is a cookie. Yes, those things that we always think of in a privacy-related context as containing information about us that is fed back to the evil giants of technology. But not all cookies are the same, beyond counting important data. The important data contained within a session cookie already includes a flag that says 2FA has been completed, and all is fine and dandy. Threat actors will employ attacker-in-the-middle techniques to capture a session cookie after a victim has completed the initial password login and 2FA verification. That cookie is proof to your account that the session is authorized correctly. Critically, once a hacker has hold of such a session cookie, that authorized session can be re-run at their leisure without the need for your 2FA code at all.

Now that you understand how it works, you might not want to read SpyCloud’s newly published 2025 identity exposure report. According to the SpyCloud analysts, 17.3 billion session cookies were stolen across 2024 from malware-infected devices. As well as being valid authentication cookies, these included target URL’s to enable session hijacking, the report warned. “In the intricate web of cybercrime, stolen session cookies have become a powerful tool for attackers,” SpyCloud said, “allowing them to bypass authentication measures and hijack accounts.”

Mitigating 2FA Code Bypass Attacks

There are myriad ways that you can mitigate 2FA code bypass attacks, including the use of passkeys, which Google told me that internal research had shown to “substantially reduce the impact of phishing and other social engineering attacks.” Of course, you should also be aware of all the advice that has been given many times over about mitigating phishing attacks, as these are also used alongside malware infections to steal session cookies. Indeed, phishing is often how the infostealer malware gets installed in the first place, so be sure to stay alert.

2FA 2FA hack Cookie cookie theft Hacking 2FA MFA Multi-Factor Authentication Session Cookie SpyCloud two-factor authentication
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link

Related Articles

AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

1 July 2026
See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

1 July 2026
How Wisconsin Used Foxes And Deer To Revamp Science Education

How Wisconsin Used Foxes And Deer To Revamp Science Education

1 July 2026
Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

1 July 2026
Apple iOS 26.5.2 New iPhone Software: Should You Upgrade?

Apple iOS 26.5.2 New iPhone Software: Should You Upgrade?

1 July 2026
Autonomous Pharmacies Are Becoming the Next Big Thing

Autonomous Pharmacies Are Becoming the Next Big Thing

1 July 2026
Don't Miss
Unwrap Christmas Sustainably: How To Handle Gifts You Don’t Want

Unwrap Christmas Sustainably: How To Handle Gifts You Don’t Want

By Press Room27 December 2024

Every year, millions of people unwrap Christmas gifts that they do not love, need, or…

Exclusive: DeFi platform Azura launches after raising .9 million from Initialized

Exclusive: DeFi platform Azura launches after raising $6.9 million from Initialized

22 October 2024
Sam Altman’s World Wants To Scan Your Eyes To Prove You’re Human

Sam Altman’s World Wants To Scan Your Eyes To Prove You’re Human

22 October 2024
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Latest Articles
From medicine to hiring, A.I. is impacting these business sectors

From medicine to hiring, A.I. is impacting these business sectors

1 July 20262 Views
Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

1 July 20261 Views
The gap between A.I. hype and A.I. reality widens

The gap between A.I. hype and A.I. reality widens

1 July 20262 Views
Apple iOS 26.5.2 New iPhone Software: Should You Upgrade?

Apple iOS 26.5.2 New iPhone Software: Should You Upgrade?

1 July 20261 Views

Recent Posts

  • AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions
  • Henry Ford, Steve Jobs, William Boeing: The Fortune 500 founders who are the children of immigrants
  • See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky
  • How Wisconsin Used Foxes And Deer To Revamp Science Education
  • From medicine to hiring, A.I. is impacting these business sectors

Recent Comments

No comments to show.
About Us
About Us

Alpha Leaders is your one-stop website for the latest Entrepreneurs and Leaders news and updates, follow us now to get the news that matters to you.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks
AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

AI-Powered Robot Acting As Street Beggar Raises Eyebrows And Pivotal Societal Questions

1 July 2026
Henry Ford, Steve Jobs, William Boeing: The Fortune 500 founders who are the children of immigrants

Henry Ford, Steve Jobs, William Boeing: The Fortune 500 founders who are the children of immigrants

1 July 2026
See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

See The Milky Way, Venus And A Full Buck Moon: July’s Night Sky

1 July 2026
Most Popular
How Wisconsin Used Foxes And Deer To Revamp Science Education

How Wisconsin Used Foxes And Deer To Revamp Science Education

1 July 20262 Views
From medicine to hiring, A.I. is impacting these business sectors

From medicine to hiring, A.I. is impacting these business sectors

1 July 20262 Views
Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls

1 July 20261 Views

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • March 2022
  • January 2021
  • March 2020
  • January 2020

Categories

  • Blog
  • Business
  • Entrepreneurs
  • Global
  • Innovation
  • Leadership
  • Living
  • Money & Finance
  • News
  • Press Release
© 2026 Alpha Leaders. All Rights Reserved.
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Type above and press Enter to search. Press Esc to cancel.