🚨 Retool software company announced that 27 of its crypto customers were exposed to an SMS-based fishing attack. The issue has raised concerns about the security of Google Authenticator's cloud syncing feature.

🔹 The attack started with a deceptive SMS fishing campaign against Retool employees. An employee had his credentials stolen on a fake login page.

🔹 Using deepfake technology, attackers convinced the employee to reveal his multi-factor authentication code.

🔹 Thanks to Google Authenticator's cloud synchronization feature, attackers gained access to the accounts of 27 crypto customers. Fortress Trust suffered a huge loss when approximately $15 million worth of cryptocurrency was stolen.

🔹 The use of deepfake technology has caused the US government to worry. A recent alert highlighted the malicious use of deepfake audio, video and text.

🔹 Although the identity of the attackers has not yet been disclosed, the tactics used are similar to the threat element called Scattered Spider or UNC3944, known for its sophisticated fishing techniques.

🔹 Security experts recommend using FIDO2-compliant hardware security keys or passwords, highlighting the risks of syncing one-time codes to the cloud.