That's not really a surprise, physical access to your phone is not required to circumvent 2FA, just access to the seed that is created during setup. So if your PC has some malware or some such when you setup 2FA or you store the seed somewhere accessible then all bets are off. That's just one, though probably the easiest attack vector...
You are viewing a single comment's thread from: