Bypassing of two-factor authentication

Date of report

December 2019

Affiliations

APT 20

A China-aligned attacker bypassed virtual private network (VPN) accounts protected by two-factor authentication to attack governments and managed service providers in a multitude of industries.

Suspected victims

Governments and managed service providers in the U.S., Brazil, China, France, Germany, Italy, Mexico, Portugal, Spain, and the United Kingdom

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government
Private sector

Shining a light on one of China’s hidden hacking groups
Chinese hacker group caught bypassing 2FA

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events