Security News > 2024 > January > Payoneer accounts in Argentina hacked in 2FA bypass attacks
Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping.
Starting last weekend, many Payoneer users in Argentina, whose accounts were protected by two-factor authentication, reported suddenly losing access to their accounts or simply logging in to empty wallets, losing "Years of work" worth in money ranging from $5,000 to $60,000.
This has raised suspicions that a recent Movistar data leak may be behind the account hacks, but the data leak did not expose users' email addresses, which are required to reset passwords on Payoneer accounts.
While the hacks may be allowed by a 2FA bypass bug, like we saw last year with Comcast, other countries would likely be affected by the attacks.
BleepingComputer has contacted Payoneer with a request for a comment on the above, the status of their investigation, and whether they plan to offer restitution in the case that a weakness in its system is discovered to be the source of the hacks, but we have not heard back yet.
Until the situation clears up on who's to blame and what exactly happened, Payoneer users in Argentina are advised to withdraw funds from their accounts or disable SMS-based 2FA and reset their account password.