Security · 1h ago
SMS Pumping Drains 2FA Budgets; iMessage-Based Fix Emerges
SMS pumping scams cost companies millions by exploiting outbound 2FA codes, with Twitter reportedly losing ~$60M/year. A mobile-originated approach, where users send a code to the service, eliminates the financial incentive for fraud. A new demo shows this working over iMessage, offering a cost-effective alternative to traditional SMS 2FA.
Meridian48 take
The iMessage-based fix is clever but limited to Apple users; a cross-platform solution would be needed for widespread adoption.
Read the full reporting
SMS Pumping Is Draining Your 2FA Budget — and Mobile-Originated iMessage 2FA Fixes It →
DEV Community
sms-pumping2fa-security