This was also my first thought when reading this. It almost makes me wonder if it was really a SMS exploit at all — when someone has the user, pass, and 2FA code, that sounds to me like the target clicked on a convincing URL and readily supplied all the things their attacker would need.
No comments yet.