Sunday, Jul 5, 2026
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Sport
  • Science and Tech
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • My Space
    • Education Today
    • Reviews
    • Property
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • My Space
  • Reviews
  • Education Today
  • Property
  • Lifestyle
Home | Hyderabad | Even Two Factor Authentication Isnt Foolproof As Hackers Exploit New Browser In The Browser Attack

Even two-factor authentication isn’t foolproof as hackers exploit new browser-in-the-browser attack

Cybercriminals are bypassing two-factor authentication through a new ‘Browser-in-the-Browser’ phishing attack that uses fake pop-up windows to steal login credentials and OTPs, prompting experts to urge users to verify the authenticity of authentication prompts

By Telangana Today
Published Date - 22 December 2025, 09:26 PM
Even two-factor authentication isn’t foolproof as hackers exploit new browser-in-the-browser attack
whatsapp facebook twitter telegram

Hyderabad: Many internet users believe their accounts are safe once two-factor authentication (2FA) is enabled. While 2FA does add an extra layer of protection, cybercriminals have now found ways to exploit even this security measure.

The latest tactic in the cybercrime playbook is the ‘Browser-in-the-Browser’ (BitB) attack, which uses a sophisticated 2FA phishing kit that is reportedly freely available on the dark web.

Also Read

  • Crime against women shows mixed trend in Rachakonda

Two-factor authentication works by requiring users to verify their identity using two different credentials. After entering a username and password, users are prompted to provide a second form of authentication, such as a one-time password (OTP) sent to a mobile phone or email, biometric verification, or a code generated by an authenticator app.

Typically, this second step appears as a pop-up window on a computer or mobile screen. However, in a BitB attack, hackers replace this legitimate pop-up with a fake browser window embedded within the webpage itself.

The fraudulent window closely mimics a real browser pop-up, complete with familiar symbols, branding and even a convincing URL display. Because it is not an actual system window but part of the webpage, users often fail to detect the deception.

Once the user enters the required authentication details, the information is instantly captured by cybercriminals, allowing them to access the account and potentially carry out financial fraud or data theft.

Cybersecurity experts advise users to verify whether a pop-up window is genuine by attempting to drag it outside the browser. If the window cannot be moved independently, it is likely a fake interface embedded within the webpage.

Recognising such visual cues can help users avoid falling victim to this emerging form of online fraud.

 

 

  • Follow Us :
  • Tags
  • 2FA scam
  • BitB attack
  • Cybercrime
  • Hyderabad News

Related News

  • Water supply to be disrupted in parts of Hyderabad for 24 hours from July 6

    Water supply to be disrupted in parts of Hyderabad for 24 hours from July 6

  • Nurse allegedly murdered by husband in Uppal over suspected infidelity

    Nurse allegedly murdered by husband in Uppal over suspected infidelity

  • H-FAST seizes 121.87 tonnes of adulterated food in Hyderabad in 100 days

    H-FAST seizes 121.87 tonnes of adulterated food in Hyderabad in 100 days

  • Cyberabad police destroy over 833 kg of seized narcotics worth Rs 5.02 crore

    Cyberabad police destroy over 833 kg of seized narcotics worth Rs 5.02 crore

Latest News

  • YSRCP slams Naidu-led TDP govt govt over failed promises

    3 hours ago
  • Andhra missing youth case: Mother threatens self-immolation over missing son’s ashes

    3 hours ago
  • Boat carrying students sinks in Congo, 20 dead

    3 hours ago
  • Shresta Iyer eliminated from Lock Upp 2 Sach Ya Sazaa show

    4 hours ago
  • Rewind: Stamps of Nature — India’s silent ambassadors of conservation

    4 hours ago
  • Red alert across Maharashtra as monsoon fury batters Mumbai, coastal districts

    4 hours ago
  • Madhavan-starrer GDN trailer brings GD Naidu’s legacy alive

    4 hours ago
  • England defeat India in second T20 as Sooryavanshi debut headlines costly Bishnoi over

    5 hours ago

company

  • Home
  • About Us
  • Contact Us
  • Privacy Policy

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

  • Telangana Today Telangana Today
Telangana Today Telangana Today

© Copyrights 2024 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam