Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn’t log in without the second factor. While that logic was sound, attackers have now figured out that they don’t need to steal the second factor: they just need the user to hand it over.
If your workforce authenticates with push-based MFA, this attack is a live threat to your organization today. Tools like Specops Secure Access are built specifically to close that gap, but before getting into the fix, it’s worth understanding how this technique works.
How MFA prompt bombing works
The attack requires three key elements to work:
- Valid account credentials, usually sourced from breached password dumps on the dark web
- A login portal that uses push-based MFA (such as a VPN, Microsoft 365, Okta, or Duo)
- A victim who is alerted every time the attacker tries the login
Attackers repeatedly trigger the prompt, hoping to trick the target, or simply wear them down, into approving the request. Sometimes attackers pair prompt bombing with a vishing call from someone claiming to be IT, who tries to talk the target into approving. The danger is that these methods only need to work once.
If the prompt is approved, the attacker is logged in as that user. Security systems typically won’t be alerted, as the login looks entirely legitimate.
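The approval itself looks legitimate, but the burst of denied or timed-out prompts that precedes it does not. The following detection logic is an added example (not part of the original article and not Specops code): it parses a few constructed push-MFA audit lines in a generic "timestamp user result source_ip" shape, flags any user who receives a threshold of unapproved prompts inside a short window, and escalates the finding when an approval follows the burst. The log format, field names and thresholds are assumptions for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (made up for this example, not real IdP output).
# Result values: push_approved, push_denied, push_timeout.
SAMPLE_LOG = """\
2024-03-02T09:14:02Z alice push_approved 203.0.113.10
2024-03-02T09:15:11Z bob push_denied 198.51.100.7
2024-03-02T09:15:40Z bob push_timeout 198.51.100.7
2024-03-02T09:16:05Z bob push_denied 198.51.100.7
2024-03-02T09:16:30Z bob push_denied 198.51.100.7
2024-03-02T09:17:02Z bob push_timeout 198.51.100.7
2024-03-02T09:19:45Z bob push_approved 198.51.100.7
2024-03-02T10:02:00Z carol push_denied 192.0.2.33
2024-03-02T13:40:00Z carol push_approved 192.0.2.34
"""


def parse_events(text):
    """Parse the constructed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, result, ip = line.split()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user,
            "result": result,
            "ip": ip,
        })
    return events


def detect_prompt_bombing(events, window=timedelta(minutes=10), threshold=3):
    """Return one finding per user whose unapproved prompts (denied or timed
    out) reach `threshold` within `window`. If an approval lands inside the
    same window after the burst, the finding is escalated to critical: that
    is the moment a worn-down user may have handed over access."""
    by_user = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_user[ev["user"]].append(ev)

    findings = []
    for user, evs in by_user.items():
        unapproved = [e for e in evs if e["result"] in ("push_denied", "push_timeout")]
        for i, first in enumerate(unapproved):
            # Every unapproved prompt within `window` of this one.
            in_window = [e for e in unapproved[i:] if e["ts"] - first["ts"] <= window]
            if len(in_window) < threshold:
                continue
            last = in_window[-1]
            approved_after = any(
                e["result"] == "push_approved"
                and last["ts"] <= e["ts"] <= first["ts"] + window
                for e in evs
            )
            findings.append({
                "user": user,
                "prompts": len(in_window),
                "first": first["ts"],
                "last": last["ts"],
                "severity": "critical" if approved_after else "high",
                "source_ips": sorted({e["ip"] for e in in_window}),
            })
            break  # one finding per user is enough to raise the alert
    return findings


if __name__ == "__main__":
    for f in detect_prompt_bombing(parse_events(SAMPLE_LOG)):
        print(f)
```

The useful signal is the pattern, not any single event: a lone denial is noise, while five unapproved prompts in two minutes followed by an approval from the same source is exactly the sequence in the Cisco case described below. Pair the alert with an automatic session revoke or a forced re-authentication with a phishing-resistant factor so the response does not depend on an analyst reading the ticket in time.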
The Cisco breach
The 2022 Cisco breach is a key example of how effective this technique is against even mature security programs. An attacker linked to the Yanluowang ransomware group compromised a Cisco employee’s personal Google account, which was syncing browser-stored credentials, including the employee’s Cisco VPN password.
From there, the attacker pushed MFA prompts to the employee’s phone. That initially didn’t work, so they began using vishing calls posing as trusted support organizations, speaking in various accents, and eventually convincing the employee to accept a push notification.
Once accepted, the attacker had VPN access as the employee. They then enrolled their own devices for MFA to maintain persistence, escalated to administrative privileges, reached Citrix servers and domain controllers, and exfiltrated around 2.8GB of data before being evicted. The fact that prompt bombing worked against a company like Cisco, which is far from having a weak security posture, highlights just how dangerous and effective the attack has become.
Why push MFA doesn’t eliminate risk
The issue with push-based MFA is that users are asked to approve or deny a login with very little to go on. There’s no clear indication of where the request originated, what device is being used, or whether the login attempt was initiated by the user at all. In isolation, that might be manageable. But when prompts start arriving repeatedly, it’s easy to assume something’s misfiring rather than recognizing it as a potential attack.
If that’s paired with a well-timed phone call from someone posing as IT support, the situation becomes even harder to assess. At that point, the user isn’t acting carelessly, but responding to a scenario designed to feel routine and legitimate, using credentials the attacker already has.
3 ways organizations can prevent prompt bombing
1. Use fatigue and phishing-resistant MFA factors
Push notifications are the weakest common form of MFA. Fatigue- and phishing-resistant factors, such as FIDO2 security keys (hardware tokens like YubiKey) or number matching in authenticator apps, are far harder to abuse, because the user cannot approve a login they did not start with a single tap.
Specops Secure Access supports more than 15 identity providers and includes these fatigue-resistant options for Windows logon, RDP, and VPN connections, so organizations can retire push-only MFA for high-risk access points.
[Image: Specops Secure Access]
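To show why number matching resists fatigue attacks, here is an added server-side verifier (illustration only, not Specops code or any vendor's implementation). The login page displays a two-digit number; the authenticator app asks the user to type it rather than tap "Approve". A prompt the attacker triggered shows its number on the attacker's screen, so a user who did not start the login has nothing to enter. The class name, TTL, attempt limit and injectable clock are assumptions made for the example.

```python
import secrets
import time


class NumberMatchChallenge:
    """Minimal number-matching verifier: single use, time-limited, attempt-capped."""

    def __init__(self, ttl_seconds=60, max_attempts=3, clock=time.monotonic):
        self.ttl = ttl_seconds
        self.max_attempts = max_attempts
        self.clock = clock          # injectable so the expiry path can be tested
        self.pending = {}           # challenge_id -> state

    def create(self, user, request_context):
        """Start a challenge. Returns (challenge_id, number); the number is
        shown only to whoever is at the login page."""
        challenge_id = secrets.token_urlsafe(16)
        number = secrets.randbelow(100)
        self.pending[challenge_id] = {
            "user": user,
            "number": number,
            "expires": self.clock() + self.ttl,
            "attempts": 0,
            # Shown in the app alongside the entry box so the user sees where
            # the request came from (source IP, location, application).
            "context": request_context,
        }
        return challenge_id, number

    def verify(self, challenge_id, user, typed_number):
        """Check the number the user typed into the app. Returns (ok, reason)."""
        state = self.pending.get(challenge_id)
        if state is None or state["user"] != user:
            return False, "unknown challenge"
        if self.clock() > state["expires"]:
            del self.pending[challenge_id]
            return False, "expired"
        state["attempts"] += 1
        if state["attempts"] > self.max_attempts:
            del self.pending[challenge_id]
            return False, "too many attempts"
        if typed_number != state["number"]:
            return False, "number mismatch"
        del self.pending[challenge_id]  # single use: a replayed approval fails
        return True, "approved"


if __name__ == "__main__":
    svc = NumberMatchChallenge()
    cid, shown = svc.create("alice", {"ip": "203.0.113.10", "app": "VPN"})
    print("login page shows", shown)
    print(svc.verify(cid, "alice", shown))
```

Number matching removes the reflexive tap, but it does not stop a vishing caller from reading the number to the user over the phone, which is why the request context shown in the app matters and why high-risk access points should move to FIDO2 keys, where there is nothing for the user to relay at all.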
2. Block compromised passwords at the source
Prompt bombing is only made possible when the attacker already has a valid password. Scanning Active Directory (AD) continuously against a live database of breached passwords, and forcing a reset when a match appears, removes the fuel for the attack. Relying on default AD password policies won’t catch reused, incremental, or breached passwords. If you don’t know where you stand today, Specops Password Auditor is a free, read-only scan of your AD that flags vulnerabilities like compromised passwords or inactive admin accounts.
[Image: Specops Password Auditor]
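The three checks named above (breached, reused, incremental) can be expressed in a few dozen lines. The following is an added example, not Specops code and not how Specops Password Auditor works internally: it indexes a constructed breach corpus by the first five hex characters of the SHA-1 digest, the prefix/suffix split used by k-anonymity range lookups such as Have I Been Pwned's Pwned Passwords API, so a client can compare suffixes locally without sending the full hash; it then adds a reuse check and a crude stem comparison that catches "Summer2023!" followed by "Summer2024!". The corpus contents and the stem heuristic are assumptions for the illustration.

```python
import hashlib
import re

# Constructed "breach corpus": made-up leaked passwords for this example.
# A real deployment would use a continuously updated feed, not a literal set.
CONSTRUCTED_BREACH_CORPUS = {
    "Password1!", "Summer2023!", "Welcome123", "Qwerty!234", "letmein",
}


def sha1_upper(password):
    # SHA-1 is used here purely as the lookup key of the range-index pattern,
    # never as a storage hash for passwords.
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(corpus):
    """Map 5-char SHA-1 prefix -> set of 35-char suffixes, as a range API would."""
    index = {}
    for pw in corpus:
        digest = sha1_upper(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index


def is_breached(password, range_index):
    digest = sha1_upper(password)
    return digest[5:] in range_index.get(digest[:5], set())


_TRAILING = re.compile(r"[0-9!@#$%^&*()_+\-=.]+$")


def stem(password):
    """Strip trailing digits/symbols and lower-case, so 'Summer2023!' and
    'Summer2024!' share the stem 'summer'. Deliberately crude: it targets the
    common increment pattern, not every possible mutation."""
    return _TRAILING.sub("", password).lower()


def evaluate_password(candidate, previous_passwords, range_index):
    """Return the list of policy violations for a proposed password."""
    violations = []
    if is_breached(candidate, range_index):
        violations.append("breached")
    if candidate in previous_passwords:
        violations.append("reused")
    elif stem(candidate) and any(stem(candidate) == stem(p) for p in previous_passwords):
        violations.append("incremental")
    return violations


if __name__ == "__main__":
    idx = build_range_index(CONSTRUCTED_BREACH_CORPUS)
    for cand, history in [("Summer2024!", ["Summer2023!"]),
                          ("Welcome123", ["Welcome123"]),
                          ("correct horse battery staple", ["Summer2023!"])]:
        print(cand, "->", evaluate_password(cand, history, idx) or ["ok"])
```

The breach lookup works on hashes alone, so it can run continuously against a directory. The stem comparison needs the plaintext and therefore belongs at password-change time, when the user presents the old password anyway. Together they remove the precondition of the whole attack: a password the attacker can buy rather than guess.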
3. Add risk signals to the login
Conditional access policies that factor in geography, device posture, and login times can block or step up authentication before a prompt is ever sent to the user’s phone. This reduces reliance on user behaviour alone and introduces real-time context to stop suspicious logins before they escalate into successful account compromise.
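To make the "before a prompt is ever sent" point concrete, here is an added risk-evaluation routine (example code, not Specops or any identity provider's policy engine). It scores a login against a per-user baseline using the signals named above: unfamiliar country, unmanaged device, unusual hour, anonymizing exit node, and impossible travel since the last login. The score decides whether to allow, to step up to a phishing-resistant factor with no push at all, or to block outright. Field names, weights and thresholds are assumptions for the illustration; timestamps are treated as already converted to the user's local time.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt
from typing import Optional


@dataclass
class LoginContext:
    user: str
    ts: datetime
    country: str
    lat: float
    lon: float
    device_managed: bool
    ip_is_anonymizer: bool = False


@dataclass
class UserBaseline:
    home_countries: set
    work_hours: tuple = (7, 20)           # hours considered normal (assumed)
    last_login: Optional[LoginContext] = None


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    r = 6371.0
    p1, p2 = radians(lat1), radians(lat2)
    dphi = radians(lat2 - lat1)
    dlmb = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * r * asin(sqrt(a))


def evaluate_login(ctx, baseline, max_speed_kmh=900):
    """Return (decision, reasons). 'step_up' means: send no push, require a
    phishing-resistant factor. 'block' means: deny before any prompt is sent."""
    reasons, score = [], 0
    if ctx.ip_is_anonymizer:
        score += 3
        reasons.append("anonymizing proxy or VPN exit")
    if ctx.country not in baseline.home_countries:
        score += 2
        reasons.append(f"unfamiliar country {ctx.country}")
    if not ctx.device_managed:
        score += 2
        reasons.append("unmanaged device")
    if not (baseline.work_hours[0] <= ctx.ts.hour < baseline.work_hours[1]):
        score += 1
        reasons.append("outside usual hours")
    prev = baseline.last_login
    if prev is not None:
        hours = (ctx.ts - prev.ts).total_seconds() / 3600
        dist = haversine_km(prev.lat, prev.lon, ctx.lat, ctx.lon)
        if hours > 0 and dist / hours > max_speed_kmh:
            score += 3
            reasons.append(f"impossible travel: {dist:.0f} km in {hours:.1f} h")
    if score >= 5:
        return "block", reasons
    if score >= 2:
        return "step_up", reasons
    return "allow", reasons


# Constructed scenario: a London-based user, then a login from New York an
# hour later on an unmanaged device, using the user's (stolen) valid password.
LONDON = (51.5074, -0.1278)
NEW_YORK = (40.7128, -74.0060)
T0 = datetime(2024, 3, 2, 10, 0, tzinfo=timezone.utc)
BASELINE = UserBaseline(
    home_countries={"GB"},
    last_login=LoginContext("alice", T0, "GB", *LONDON, device_managed=True),
)
SUSPICIOUS = LoginContext("alice", T0.replace(hour=11), "US", *NEW_YORK,
                          device_managed=False)
ROUTINE = LoginContext("alice", T0.replace(hour=12), "GB", *LONDON,
                       device_managed=True)

if __name__ == "__main__":
    print(evaluate_login(SUSPICIOUS, BASELINE))
    print(evaluate_login(ROUTINE, BASELINE))
```

The weights are illustrative; what matters is the ordering. The evaluation runs before any push is generated, so an attacker holding a valid password but logging in from the wrong place, device or time never produces a prompt the user could mistakenly approve. Only the "allow" path reaches the phone at all, and the "step_up" path can require a FIDO2 key instead of a push.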
MFA still matters
MFA prompt bombing isn’t a reason to move away from MFA, but it does highlight where some factors fall short. When approval requests can be triggered repeatedly with no meaningful context, the control becomes easier to influence than intended.
If push is still your default second factor, it’s worth revisiting that decision. Number matching or phishing-resistant methods strengthen the MFA factor itself, while scanning for compromised passwords limits the chance that attackers already hold the first one. If you’re looking to evolve your identity security with more robust MFA, talk to Specops.