VaultJacking: The New Frontier of AI-Powered Session Hijacking
For years, the cybersecurity community has championed strong authentication methods like FIDO2 and passkeys as the ultimate defense against phishing. The promise was clear: eliminate passwords, eliminate phishing. However, a new attack vector, dubbed "VaultJacking," is challenging this fundamental assumption, demonstrating how even the most robust authentication can be circumvented by targeting the underlying synchronization infrastructure.
VaultJacking highlights a critical shift in attacker methodology. Instead of attempting to steal individual credentials or bypass FIDO2 keys directly, threat actors are now focusing on the trust mechanisms that underpin passwordless authentication. This includes exploiting registration flows, identity provider back-ends, and even firmware supply chains [5]. The "VaultJacking" attack, specifically, targets Google Password Manager (GPM), exposing a user's entire credential vault with a single, seemingly innocuous 6-digit PIN [7, 8].
How VaultJacking Works: AiTM Meets Sync Logic
The VaultJacking attack leverages a sophisticated Adversary-in-the-Middle (AiTM) phishing setup. During a convincing, fraudulent Google sign-in session, the attacker doesn't just harvest credentials. Crucially, they intercept the victim's 6-digit GPM PIN used for identity verification during device enrollment. While a PIN might seem like a minor detail compared to a FIDO2 key, in the context of Google's synchronization architecture, it acts as a master key.
Once the attacker obtains this PIN, they can programmatically add a rogue device to the victim's "security domain"—a trusted group of devices authorized to access synchronized secrets. This process unlocks the Security Domain Secret (SDS), which in turn decrypts the victim's entire stored password and passkey vault [7, 8].
Implications for Enterprise CIAM and IAM
This attack vector carries significant implications for enterprise security teams, particularly those managing Customer Identity and Access Management (CIAM) and traditional Identity and Access Management (IAM) systems. While the direct example involves consumer Google accounts, the underlying principles of targeting synchronization infrastructure and post-authentication sessions are broadly applicable.
Rethinking Trust Boundaries
Enterprises heavily rely on strong authentication mechanisms to establish trust boundaries. VaultJacking demonstrates that these boundaries need to extend beyond the initial authentication event. The focus must shift to securing the entire identity lifecycle, including device provisioning, credential synchronization, and session management.
The New Phishing Frontier: Session Hijacking
FIDO2 and passkeys were designed to be phishing-resistant by binding authentication to the originating domain. However, VaultJacking illustrates that attackers are now bypassing this by targeting the authenticated session itself. As ThreatClaw points out, "The threat has simply moved downstream: away from the credential and onto the authenticated session itself." [5] This means that even with passkeys in place, robust session monitoring and behavioral analysis become critical to detect and mitigate unauthorized access.
The Growing Relevance of AiTM Kits
The success of VaultJacking also underscores the increasing sophistication and prevalence of AiTM phishing kits. Like the Tycoon 2FA kit, which bypasses MFA on Entra ID and Google Workspace accounts by stealing authenticated session tokens [9], these tools enable attackers to intercept not just credentials but also the session data that grants access. This trend necessitates a renewed focus on employee education around AiTM attacks and the deployment of advanced threat detection systems.
Mitigating the Risk: A Multi-Layered Approach
Defending against evolving threats like VaultJacking requires a comprehensive, multi-layered security strategy:
- Enhanced Session Security: Implement robust session management controls, including short session lifetimes, continuous authentication, and anomaly detection based on user behavior and device context.
- Supply Chain Security for Identity: Scrutinize the security of all components within your identity ecosystem, including hardware key registration flows, identity provider back-ends, and firmware supply chains.
- User Education Against AiTM: Train users to identify and report sophisticated AiTM phishing attempts, emphasizing the dangers of entering credentials or PINs on suspicious sites, even if they appear legitimate.
- Advanced Threat Detection: Deploy security solutions capable of detecting post-authentication session hijacking and other indicators of compromise related to identity and access.
- Regular Security Audits: Conduct frequent audits of your CIAM/IAM infrastructure, focusing on potential vulnerabilities in synchronization mechanisms and credential storage.
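The two detection controls in the list above, session anomaly detection based on device context and detection of post-authentication device enrollment, can be expressed as simple rules over an identity audit trail. The script below is an added example written for this page; it is not code from the original article, from Google, or from any cited source. The log format, event names (`login`, `session_use`, `device_enrolled`), field names, the 10-minute enrollment window, the IP history and the sample events are all constructed assumptions standing in for whatever your identity provider actually emits. It flags (a) any activity in a session whose IP or client differs from the sign-in that created it, which is the signature of a relayed or stolen session, and (b) a sync-device enrollment that lands within minutes of a sign-in from an IP the user has never used before, which is the shape of the rogue-device step described in the attack.

```python
"""Rule-based detection of session context drift and rapid sync-device enrollment.

Added example for this page; the audit-log format and all sample values are constructed
and do not correspond to any real identity provider's log schema.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample audit log. One event per line:
#   <utc timestamp> <user> <event> session=<id> ip=<addr> ua=<client>
# 'alice' signs in normally (s1), then an attacker-relayed sign-in (s2) from a new IP is
# followed two minutes later by a device enrollment from a scripted client and further use
# of the session from yet another address. 'bob' enrolls a device benignly (s3).
SAMPLE_LOG = """
2024-05-01T09:00:00Z alice login session=s1 ip=203.0.113.10 ua=Chrome/124
2024-05-01T09:05:00Z alice session_use session=s1 ip=203.0.113.10 ua=Chrome/124
2024-05-01T10:00:00Z alice login session=s2 ip=198.51.100.77 ua=Chrome/124
2024-05-01T10:02:00Z alice device_enrolled session=s2 ip=198.51.100.77 ua=python-requests/2.31
2024-05-01T10:03:00Z alice session_use session=s2 ip=198.51.100.80 ua=python-requests/2.31
2024-05-01T11:00:00Z bob login session=s3 ip=192.0.2.5 ua=Firefox/125
2024-05-01T11:30:00Z bob device_enrolled session=s3 ip=192.0.2.5 ua=Firefox/125
""".strip().splitlines()

# Constructed per-user history of IPs seen on earlier, trusted sign-ins.
KNOWN_IPS = {"alice": {"203.0.113.10"}, "bob": {"192.0.2.5"}}

# Assumed tuning knob: an enrollment this soon after a sign-in from a never-seen IP is suspicious.
ENROLL_WINDOW = timedelta(minutes=10)


@dataclass(frozen=True)
class Event:
    ts: datetime
    user: str
    kind: str      # "login" | "session_use" | "device_enrolled"
    session: str
    ip: str
    ua: str


@dataclass(frozen=True)
class Alert:
    rule: str
    user: str
    session: str
    ts: datetime
    detail: str


def parse_line(line: str) -> Event:
    """Parse one constructed audit line into an Event."""
    ts, user, kind, *kv = line.split()
    fields = dict(pair.split("=", 1) for pair in kv)
    return Event(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, kind,
                 fields["session"], fields["ip"], fields["ua"])


def detect(lines, known_ips) -> list[Alert]:
    """Return alerts for session context drift and rapid enrollment from a new context."""
    alerts: list[Alert] = []
    sessions: dict[str, tuple[Event, bool]] = {}   # session id -> (login event, login IP was new)
    seen = {user: set(ips) for user, ips in known_ips.items()}

    for line in lines:
        ev = parse_line(line)
        if ev.kind == "login":
            history = seen.setdefault(ev.user, set())
            sessions[ev.session] = (ev, ev.ip not in history)
            history.add(ev.ip)
            continue

        if ev.session not in sessions:
            alerts.append(Alert("unknown_session", ev.user, ev.session, ev.ts,
                                "activity on a session with no recorded sign-in"))
            continue
        login, login_from_new_ip = sessions[ev.session]

        # Rule (a): the session is now used from a different IP or client than it was created with.
        if (ev.ip, ev.ua) != (login.ip, login.ua):
            alerts.append(Alert("session_context_drift", ev.user, ev.session, ev.ts,
                                f"signed in from {login.ip}/{login.ua}, now {ev.ip}/{ev.ua}"))

        # Rule (b): a sync device is enrolled shortly after a sign-in from an IP never seen for this user.
        if ev.kind == "device_enrolled" and login_from_new_ip and ev.ts - login.ts <= ENROLL_WINDOW:
            alerts.append(Alert("rapid_enrollment_from_new_context", ev.user, ev.session, ev.ts,
                                f"device enrolled {int((ev.ts - login.ts).total_seconds())}s after "
                                f"first-ever sign-in from {login.ip}"))
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG, KNOWN_IPS):
        print(f"{a.ts:%H:%M} {a.user} {a.session} {a.rule}: {a.detail}")
```

On the constructed log the script raises three alerts, all against alice's relayed session `s2`, and none for bob, whose enrollment comes from a known IP with the same client as his sign-in. In practice the baseline would be fed from your IdP's sign-in history and the enrollment event from whatever audit stream records devices joining a sync or security domain; the rules themselves are deliberately simple so that they are explainable when an analyst triages the alert.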