{"id":23180,"date":"2018-12-19T15:41:50","date_gmt":"2018-12-19T15:41:50","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29643\/How-Hackers-Bypass-Gmail-2FA-At-Scale.html"},"modified":"2018-12-19T15:41:50","modified_gmt":"2018-12-19T15:41:50","slug":"how-hackers-bypass-gmail-2fa-at-scale","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/","title":{"rendered":"How Hackers Bypass Gmail 2FA At Scale"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/video-images.vice.com\/articles\/5c12c1022f135f0006f9c3ee\/lede\/1544733345519-shutterstock_788158579-copy.jpeg?crop=1xw:0.8680555555555556xh;center,center&amp;resize=1200:*\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>If you\u2019re an at risk user, that extra two-factor security code sent to your phone may not be enough to <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/d3devm\/motherboard-guide-to-not-getting-hacked-online-safety-guide\" target=\"_blank\">protect your email account<\/a>.<\/p>\n<p>Hackers can bypass these protections, as we\u2019ve seen <a href=\"https:\/\/theintercept.com\/2017\/06\/05\/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election\/\" target=\"_blank\">with leaked NSA documents<\/a> on how Russian hackers targeted US voting infrastructure companies. But <a href=\"https:\/\/www.amnesty.org\/en\/latest\/research\/2018\/12\/when-best-practice-is-not-good-enough\" target=\"_blank\">a new Amnesty International report<\/a> gives more insight into how some hackers break into Gmail and Yahoo accounts at scale, even those with two-factor authentication (2FA) enabled.<\/p>\n<p>They do this by automating the entire process, with a phishing page not only asking a victim for their password, but triggering a 2FA code that is sent to the target\u2019s phone. That code is also phished, and then entered into the legitimate site so the hacker can login and steal the account.<\/p>\n<p>The news acts as a reminder that <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/a3adpj\/how-to-set-up-2fa\" target=\"_blank\">although 2FA is generally a good idea<\/a>, hackers can still phish certain forms of 2FA, such as those that send a code or token over text message, with some users likely needing to switch to a more robust method.<\/p>\n<p>\u201cVirtually in that way they can bypass any token-based 2FA if no additional mitigations are implemented\u201d Claudio Guarnieri, a technologist at Amnesty, told Motherboard in an online chat.<\/p>\n<p>2FA is adding another layer of authentication onto your account. With token-based 2FA, you may have an app that generates a code for you to enter when logging in from an unknown device, or, perhaps most commonly, the service will send a text message containing a short code that you then type into your browser.<\/p>\n<p class=\"article__pull-quote\">&#8220;It is not a capability reserved to the big sophisticated actors.&#8221;<\/p>\n<p>This sort of 2FA is great for protecting against password reuse. That is, if a hacker obtains one of your passwords from a data breach, and then tries that password on your other accounts, if you have 2FA enabled the hacker is probably not going to break in without taking some further steps. Many lower level hackers are likely to just stop trying at that point.<\/p>\n<p>But token-based 2FA is not a failsafe. It\u2019s increasingly clear that as well as trying to steal your passwords through deceptive phishing pages, hackers may try and pinch your 2FA code too. And by automating the process, hackers can steal and use your 2FA token just like you would, entering it into the legitimate Google site or another one in seconds.<\/p>\n<p>In this latest case documented by Amnesty, it estimates hackers have targeted more than a thousand Google and Yahoo accounts across the Middle East and North Africa throughout 2017 and 2018. The attacks are likely originating from among the Gulf countries, and display similarities to a hacking campaign that researchers at Citizen Lab found that targets dissidents in the United Arab Emirates, Amnesty\u2019s report reads.<\/p>\n<p>The phishing starts normally, with a fake Gmail page asking the target for their password. Once the target enters that, the hacker\u2019s infrastructure directs the victim to another page, alerting them that they had been sent a 2FA code via SMS to the phone they registered to their account.<\/p>\n<p>\u201cSure enough, our configured phone number did receive an SMS message containing a valid Google verification code,\u201d Amnesty\u2019s report reads. The phishing page then asks the victim to enter their 2FA code. Some phishing pages asked the victim to verify their phone number, while others did not, Guarnieri said.<\/p>\n<p class=\"article__blockquote\"><em><strong>Got a tip? You can contact Joseph Cox securely on Signal on +44 20 8133 5190, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.<\/strong><\/em><\/p>\n<p>In its investigation, Amnesty found the servers hosting the Gmail and Yahoo phishing sites had exposed file directories, revealing exactly what process the hackers\u2019 had used to phish targets\u2019 credentials and 2FA tokens. The phishing tool essentially carries out what a user would usually accomplish with a web browser, meaning the specific URLs the hackers\u2019 tools visited are included in their Chrome history. Although the URLs in the report relate to a hijacking of a Yahoo account, Guarnieri told Motherboard the process is the same for Gmail.<\/p>\n<p>To perhaps visualise this better, there is no hacker sitting behind a keyboard, waiting for the victim to hand over their details. No one is furiously entering the 2FA code while it is still valid. Instead, the process automates all of that, with servers whirring away ready to do the work.<\/p>\n<p>Behind the scenes, the hackers\u2019 servers take the victim\u2019s phished credentials, enters them into the legitimate email service, which then returns a request for a 2FA code (the real service then sending the code to the user\u2019s phone.) The hackers\u2019 server asks the victim for that code, which the hacker then passes back to the real service in order to login, all at around the same speed it would take to log-in ordinarily. The hackers\u2019 tool then automatically creates an App Password\u2014a separate password that lets third party applications have access to the email account\u2014so the hackers can maintain a hold on the user\u2019s account.<\/p>\n<p>Although the examples Amnesty found were geared towards tokens sent via SMS, Guarnieri said the same approach could potentially be used to phish codes from a 2FA app such as Google Authenticator.<\/p>\n<p>In another case, Amnesty says it found the hackers\u2019 infrastructure automatically taking a Yahoo account and then transferring it over to Gmail, using a legitimate migration service called ShuttleCloud. This \u201callows the attackers to automatically and immediately generate a full clone of the victim\u2019s Yahoo account under a separate Gmail account under their control,\u201d the report reads.<\/p>\n<p>On Thursday, in a separate investigation focused on the Iranian government-linked hacking group known as Charming Kitten, cybersecurity firm Certfa documented how another campaign has attempted to steal 2FA tokens. The hackers \u201cdirect their targets to the fake Google login page, which the users enter their credential details including 2 factor authentication,\u201d <a href=\"https:\/\/blog.certfa.com\/posts\/the-return-of-the-charming-kitten\/\" target=\"_blank\">the report reads<\/a>.<\/p>\n<p>An alternative to this phishable 2FA, as the Amnesty report notes, is for at risk people to use a hardware security token instead. This is a small device that typically plugs into your computer via USB, and authenticates your identity that way. Yubico sells a variety of <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/bj3qxw\/how-to-twitter-account-yubikey-guide\" target=\"_blank\">these tokens called Yubikeys<\/a>, and Google\u2019s own Advanced Protection Program, which locks down an account from using third party applications, <a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/titan-security-keys-now-available-on-the-google-store\" target=\"_blank\">has its own hardware token<\/a>. (When reached for comment, Google pointed to this Advanced Protection Program, <a href=\"https:\/\/gsuiteupdates.googleblog.com\/2017\/10\/making-google-prompt-primary-choice-for-2sv.html\" target=\"_blank\">as well as Google prompt<\/a>, another form of 2FA.)<\/p>\n<p>A Yahoo spokesperson told Motherboard in an email &#8220;The threat landscape is continually evolving, and we are committed to evolve with it to help keep our users secure. In 2015, we launched <a href=\"https:\/\/login.yahoo.com\/accountkey\/setup\" target=\"_blank\">Yahoo Account Key<\/a>, which does not utilize SMS, and encourage users to adopt this form of authentication.&#8221;<\/p>\n<p>On the investigated phishing campaign Guarnieri, the Amnesty technologist, said, \u201cthis particular setup is imperfect, but the lesson fundamentally is that with enough automation and enough care, these mechanisms can be bypassed and it is not a capability reserved to the big sophisticated actors,\u201d.<\/p>\n<p><strong><em>Subscribe to our new cybersecurity podcast, <a href=\"https:\/\/itunes.apple.com\/gb\/podcast\/cyber\/id1441708044?mt=2\" target=\"_blank\">CYBER<\/a>.<\/em><\/strong><\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/29643\/How-Hackers-Bypass-Gmail-2FA-At-Scale.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":23181,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[5302],"class_list":["post-23180","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackeremailgooglepassword"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-12-19T15:41:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1125\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"How Hackers Bypass Gmail 2FA At Scale\",\"datePublished\":\"2018-12-19T15:41:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/\"},\"wordCount\":1180,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/12\\\/how-hackers-bypass-gmail-2fa-at-scale.jpg\",\"keywords\":[\"headline,hacker,email,google,password\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/\",\"name\":\"How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/12\\\/how-hackers-bypass-gmail-2fa-at-scale.jpg\",\"datePublished\":\"2018-12-19T15:41:50+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/12\\\/how-hackers-bypass-gmail-2fa-at-scale.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/12\\\/how-hackers-bypass-gmail-2fa-at-scale.jpg\",\"width\":2000,\"height\":1125},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-hackers-bypass-gmail-2fa-at-scale\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,email,google,password\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackeremailgooglepassword\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How Hackers Bypass Gmail 2FA At Scale\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/","og_locale":"en_US","og_type":"article","og_title":"How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-12-19T15:41:50+00:00","og_image":[{"width":2000,"height":1125,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"How Hackers Bypass Gmail 2FA At Scale","datePublished":"2018-12-19T15:41:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/"},"wordCount":1180,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg","keywords":["headline,hacker,email,google,password"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/","url":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/","name":"How Hackers Bypass Gmail 2FA At Scale 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg","datePublished":"2018-12-19T15:41:50+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/how-hackers-bypass-gmail-2fa-at-scale.jpg","width":2000,"height":1125},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/how-hackers-bypass-gmail-2fa-at-scale\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,email,google,password","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackeremailgooglepassword\/"},{"@type":"ListItem","position":3,"name":"How Hackers Bypass Gmail 2FA At Scale"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/23180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=23180"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/23180\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/23181"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=23180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=23180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=23180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}