{"id":39070,"date":"2021-01-08T14:23:00","date_gmt":"2021-01-08T14:23:00","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31911\/Hackers-Can-Clone-Google-Titan-2FA-Keys.html"},"modified":"2021-01-08T14:23:00","modified_gmt":"2021-01-08T14:23:00","slug":"hackers-can-clone-google-titan-2fa-keys","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/","title":{"rendered":"Hackers Can Clone Google Titan 2FA Keys"},"content":{"rendered":"<figure class=\"intro-image intro-left\"><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-keys-800x353.jpg\" alt=\"Hackers can clone Google Titan 2FA keys using a side channel in NXP chips\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"><a title=\"78 posters participating, including story author\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2021\/01\/hackers-can-clone-google-titan-2fa-keys-using-a-side-channel-in-nxp-chips\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">115<\/span> <span class=\"visually-hidden\"> with 78 posters participating, including story author<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p><!-- cache hit 370:single\/related:398ed25f08d7e2af18b1e382c71a98a7 --><!-- empty --><\/p>\n<p>There\u2019s wide consensus among security experts that physical two-factor authentication keys provide the most effective protection against account takeovers. Research published today doesn\u2019t change that thinking, but it does show how malicious attackers with physical possession of a Google Titan key can clone it.<\/p>\n<p>There are some steep hurdles to clear for an attack to be successful. A hacker would first have to steal a target\u2019s account password and also gain covert possession of the physical key for as many as 10 hours. The cloning also requires up to $12,000 worth of equipment and custom software, plus an advanced background in electrical engineering and cryptography. That means the key cloning\u2014were it ever to happen in the wild\u2014would likely be done only by a nation-state pursuing its highest-value targets.<\/p>\n<p>\u201cNevertheless, this work shows that the Google Titan Security Key (or other impacted products) would not avoid [an] unnoticed security breach by attackers willing to put enough effort into it,\u201d researchers from security firm NinjaLab wrote in a <a href=\"https:\/\/ninjalab.io\/wp-content\/uploads\/2021\/01\/a_side_journey_to_titan.pdf\">research paper<\/a> published Thursday. \u201cUsers that face such a threat should probably switch to other FIDO U2F hardware security keys, where no vulnerability has yet been discovered.\u201d<\/p>\n<h2>The 2FA gold standard<\/h2>\n<p>Two-factor authentication, or 2FA, is a method that makes account takeovers much harder to pull off. Instead of using only a password to prove someone is authorized to access an account, 2FA requires a second factor, such as a one-time password, possession of a physical object, or a fingerprint or other biometric.<\/p>\n<p>Physical keys are among the\u2014if not <em>the<\/em>\u2014<a href=\"https:\/\/arstechnica.com\/information-technology\/2016\/12\/this-low-cost-device-may-be-the-worlds-best-hope-against-account-takeovers\/\">most secure forms of 2FA<\/a> because they store the long-term secret that makes them work internally, and only output non-reusable values. The secret is also impossible to phish. Physical keys are also more convenient, since they work on all major operating systems and hardware.<\/p>\n<p>The Titan vulnerability is one of the only weaknesses ever to be found in a mainstream 2FA key. However improbable, a successful real-world exploit would completely undermine the security assurances the thumb-size devices provide. The NinjaLab researchers are quick to point out that despite the weakness, it\u2019s still safer to use a Titan Security Key or another affected authentication device to sign in to accounts than not to.<\/p>\n<h2>Attack of the clones<\/h2>\n<p>The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP <a href=\"https:\/\/media.digikey.com\/pdf\/Data%20Sheets\/NXP%20PDFs\/A700x_Rev3.1.pdf\">A700X chip<\/a>, which acts as a secure element that stores the cryptographic secrets. Next, an attacker connects the chip to hardware and software that take measurements as the key is being used to authenticate on an existing account. Once the measurement-taking is finished, the attacker seals the chip in a new casing and returns it to the victim.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<div class=\"gallery shortcode-gallery gallery-wide\">\n<ul>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-opened-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-opened.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-opened.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-opened.jpg 2560\" data-sub-html=\"#caption-1733682\">\n<figure><figcaption id=\"caption-1733682\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> The extracted Titan printed circuit board and one part of the casing. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-recto-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-recto.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-recto.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-recto.jpg 2560\" data-sub-html=\"#caption-1733683\">\n<figure><figcaption id=\"caption-1733683\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> Recto of a Titan PCB. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb.jpg 2560\" data-sub-html=\"#caption-1733684\">\n<figure><figcaption id=\"caption-1733684\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> Verso of the Titan PCB. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-verso-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-verso.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-verso.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/google-titan-pcb-verso.jpg 2560\" data-sub-html=\"#caption-1733685\">\n<figure><figcaption id=\"caption-1733685\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> &#8220;We first protected the PCB by sticking some aluminium tape around it and cut a square just above the NXP A7005a package. Then we warmed some fuming nitric acid and put carefully some drops of acid on the package, until we see the die appear.&#8221; This figure depicts the result. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/sca-platform-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/sca-platform.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/sca-platform.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/sca-platform.jpg 2560\" data-sub-html=\"#caption-1733686\">\n<figure><figcaption id=\"caption-1733686\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> The side-channel analysis platform used in this study. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<li data-thumb=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/em-probe-position-150x150.jpg\" data-src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/em-probe-position.jpg\" data-responsive=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/em-probe-position.jpg 1080, https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/01\/em-probe-position.jpg 2560\" data-sub-html=\"#caption-1733687\">\n<figure><figcaption id=\"caption-1733687\"><span class=\"icon caption-arrow icon-drop-indicator\"><\/span> <\/p>\n<div class=\"caption\"> The spatial position of the EM probe above the die of the Titan NXP A7005a. <\/div>\n<\/figcaption><\/figure>\n<\/li>\n<\/ul>\n<\/div>\n<p>Extracting and later resealing the chip takes about four hours. It takes another six hours to take measurements for each account the attacker wants to hack. In other words, the process would take 10 hours to clone the key for a single account, 16 hours to clone a key for two accounts, and 22 hours for three accounts.<\/p>\n<p>By observing the local electromagnetic radiations as the chip generates the digital signatures, the researchers exploit a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Side-channel_attack\">side channel vulnerability<\/a> in the NXP chip. The exploit allows an attacker to obtain the long-term&nbsp;<a href=\"https:\/\/cryptobook.nakov.com\/digital-signatures\/ecdsa-sign-verify-messages\">elliptic<\/a> <a href=\"https:\/\/cryptobook.nakov.com\/digital-signatures\/ecdsa-sign-verify-messages\">curve<\/a> <a href=\"https:\/\/cryptobook.nakov.com\/digital-signatures\/ecdsa-sign-verify-messages\">digital<\/a> <a href=\"https:\/\/cryptobook.nakov.com\/digital-signatures\/ecdsa-sign-verify-messages\">signal<\/a> <a href=\"https:\/\/cryptobook.nakov.com\/digital-signatures\/ecdsa-sign-verify-messages\">algorithm<\/a> private key designated for a given account. With the crypto key in hand, the attacker can then create her own key, which will work for each account she targeted.<\/p>\n<p>Paul Kocher, an independent cryptography expert with no involvement in the research, said that while the real-world risk of the attack is low, the side-channel discovery is nonetheless important, given the class of users\u2014dissidents, lawyers, journalists, and other high-value targets\u2014who rely on it and the possibility that attacks will improve over time.<\/p>\n<p>\u201cThe work is notable because it\u2019s a successful attack against a well-hardened target designed for high-security applications, and clearly breaks the product\u2019s security characteristics,\u201d he wrote in an email. \u201cA real adversary might well be able to refine the attack (e.g., shortening the data collection time and\/or removing the need to physically open the device). For example, the attack might be extendable to a token left in a hotel gym locker for an hour.\u201d<\/p>\n<h2>Doing the impossible<\/h2>\n<p>Indeed, the Google Titan, like other security keys that use the <a href=\"https:\/\/fidoalliance.org\/specs\/u2f-specs-master\/fido-u2f-overview.html\">FIDO U2F<\/a> standard, is supposed to make it impossible to transfer crypto keys and signatures off the device, as the NinjaLab researchers noted:<\/p>\n<blockquote>\n<p>As we have seen, the FIDO U2F protocol is very simple, the only way to interact with the U2F device is by registration or authentication requests. The registration phase will generate a new ECDSA key pair and output the public key. The authentication will mainly execute an ECDSA signature operation where we can choose the input message and get the output signature.<\/p>\n<p>Hence, even for a legitimate user, there is no way to know the ECDSA secret key of a given application account. This is a limitation of the protocol which, for instance, makes [it] impossible to transfer the user credentials from one security key to another. If a user wants to switch to a new hardware security key, a new registration phase must be done for every application account. This will create new ECDSA key pairs and revoke the old ones.<\/p>\n<p>This limitation in functionality is a strength from a security point-of-view: by design it is not possible to create a clone. It is moreover an obstacle for side-channel reverse-engineering. With no control whatsoever on the secret key it is barely possible to understand the details of (let alone to attack) a highly secured implementation. We will have to find a workaround to study the implementation security in a more convenient setting.<\/p>\n<\/blockquote>\n<h2>Risk assessment<\/h2>\n<p>Despite describing a way to compromise the security of a key Google sells, the research won\u2019t receive a payment under Google\u2019s bug bounty program, which provides rewards to hackers who discover security flaws in Google products or services and privately report them to the company. A Google spokeswoman said that attacks that require physical possession are out of scope of the company\u2019s security key threat model. She also noted the difficulty and expense in carrying out an attack.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>While the researchers performed their attack on the Google Titan, they believe that other hardware that uses the A700X, or chips based on the A700X, may also be vulnerable. If true, that would include Yubico\u2019s YubiKey NEO and several 2FA keys made by Feitian.<\/p>\n<p>In an email, Yubico spokeswoman Ashton Miller said the company is aware of the research and believes its findings are accurate. \u201cWhile the researchers note that physical device access, expensive equipment, custom software, and technical skills are required for this type of attack, Yubico recommends revoking access for a lost, stolen, or misplaced YubiKey NEO to mitigate risk,\u201d she wrote.<\/p>\n<p>In a statement, NXP officials wrote:<\/p>\n<blockquote>\n<p>NXP is aware of the report and appreciates the co-operation of the researchers. Since October 2020 we have actively communicated to the majority of potentially affected customers and given them the opportunity to discuss with our security experts. This effort is almost completed. We encourage customers to complete their own risk assessment for their systems and applications that use the affected products. The root cause cannot be fixed in the affected products. However, there are use-cases where countermeasures may be applied on system level. Newer generations of these products with additional countermeasures are available.<\/p>\n<\/blockquote>\n<p>Representatives from Feitian weren\u2019t immediately available for comment.<\/p>\n<p>One countermeasure that can partially mitigate the attack is for service providers that offer key-based 2FA to use a feature baked into the U2F standard that counts the number of interactions a key has had with the provider\u2019s servers. If a key reports a number that doesn\u2019t match what\u2019s stored on the server, the provider will have good reason to believe the key is a clone. A Google spokeswoman said the company has this feature.<\/p>\n<p>The research\u2014from Ninjalab co-founders Victor Lomn\u00e9 and Thomas Roche in Montpellier, France\u2014is impressive, and in time, it\u2019s likely to result in the side-channel vulnerability being fixed. In the meantime, the vast majority of people using an affected key should continue doing so, or at the very most, switch to a key with no known vulnerabilities. The worst outcome from this research would be for people to stop using physical security keys altogether.<\/p>\n<p><em>Post updated to add comment from NXP.<\/em><\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31911\/Hackers-Can-Clone-Google-Titan-2FA-Keys.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":39071,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[9137],"class_list":["post-39070","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflawgooglepassword"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-08T14:23:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"656\" \/>\n\t<meta property=\"og:image:height\" content=\"352\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Can Clone Google Titan 2FA Keys\",\"datePublished\":\"2021-01-08T14:23:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/\"},\"wordCount\":1546,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/hackers-can-clone-google-titan-2fa-keys.jpg\",\"keywords\":[\"headline,flaw,google,password\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/\",\"name\":\"Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/hackers-can-clone-google-titan-2fa-keys.jpg\",\"datePublished\":\"2021-01-08T14:23:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/hackers-can-clone-google-titan-2fa-keys.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/hackers-can-clone-google-titan-2fa-keys.jpg\",\"width\":656,\"height\":352},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-clone-google-titan-2fa-keys\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw,google,password\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflawgooglepassword\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Can Clone Google Titan 2FA Keys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-01-08T14:23:00+00:00","og_image":[{"width":656,"height":352,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Can Clone Google Titan 2FA Keys","datePublished":"2021-01-08T14:23:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/"},"wordCount":1546,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg","keywords":["headline,flaw,google,password"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/","name":"Hackers Can Clone Google Titan 2FA Keys 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg","datePublished":"2021-01-08T14:23:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/01\/hackers-can-clone-google-titan-2fa-keys.jpg","width":656,"height":352},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-clone-google-titan-2fa-keys\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw,google,password","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflawgooglepassword\/"},{"@type":"ListItem","position":3,"name":"Hackers Can Clone Google Titan 2FA Keys"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39070","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39070"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39070\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/39071"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39070"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39070"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39070"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}