MFA prompt bombing lets attackers bypass push approvals

Attackers flood push-based MFA prompts and use vishing to get employees to approve logins, then enroll devices and exfiltrate data, as in Cisco’s 2022 breach.

Prompt bombing is a technique in which attackers repeatedly trigger push-based multi-factor authentication prompts until a user approves a login. The attack requires three elements: a valid username and password, a service that sends push notifications for MFA, and a target who receives the prompts. Attackers obtain passwords from leaked credential dumps or browser-synced password stores, trigger repeated prompts to the victim’s device and sometimes follow up with phone-based social engineering that impersonates IT staff. If the user approves a single prompt, the attacker gains a legitimate session, and a typical authentication log often does not flag the access as malicious.

A 2022 incident at Cisco illustrates how the method can lead to a wider breach. An attacker tied to the Yanluowang ransomware group accessed a Cisco employee’s personal Google account, where browser-synced credentials included a VPN password. After several failed push attempts, the intruder used vishing calls posing as trusted support organizations and persuaded the employee to accept a push notification. The attacker then enrolled their own devices for MFA, escalated privileges to administrative levels, moved to Citrix servers and domain controllers, and exfiltrated about 2.8GB of data before being removed.

Push-based approvals often provide little context about an authentication request. Notifications commonly lack clear details about the request’s origin, the device involved or whether the attempt was initiated by the account holder. Repeated notifications can create alert fatigue, leading recipients to treat the prompts as glitches. When attackers combine prompt flooding with a phone call claiming to be helpdesk support, the interaction can appear routine and lead the target to approve.

Security teams recommend shifting high-risk access away from push-only MFA toward phishing-resistant factors. Examples include FIDO2 security keys, hardware tokens such as YubiKey, and authenticator apps that require number matching. Measures that reduce the chance an attacker starts with valid credentials include scanning directory services against breached-password databases and forcing resets when matches are found. Adding contextual controls through conditional access that consider geography, device posture or unusual login times can block suspicious attempts or require stronger verification before a prompt is issued.
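The monitoring side of the controls above can be expressed as a simple rule over MFA push events: many denied or timed-out prompts for one account in a short window, followed by an approval, is the signature of a bombing run, and a new MFA device enrolled right after that approval matches the post-compromise step seen in the Cisco case. The following is an added example, not code from the article or from any vendor; the log format, field names and sample lines are constructed for illustration, and the window and threshold values are assumptions to tune against your own identity provider's export.

```python
"""Flag push-MFA prompt-bombing patterns in authentication logs.

Added example for this article; the log format below is a constructed,
hypothetical one (ISO timestamp, user, event, result, source IP) and not
the export format of any particular identity provider.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: alice is bombed with five unanswered/denied prompts,
# approves the sixth, and a new MFA device is enrolled a minute later.
# bob shows two ordinary approvals hours apart and must not alert.
SAMPLE_LOG = """\
2022-05-20T14:01:02Z alice push_sent timeout 203.0.113.7
2022-05-20T14:01:40Z alice push_sent denied 203.0.113.7
2022-05-20T14:02:15Z alice push_sent timeout 203.0.113.7
2022-05-20T14:02:50Z alice push_sent timeout 203.0.113.7
2022-05-20T14:03:30Z alice push_sent denied 203.0.113.7
2022-05-20T14:05:10Z alice push_sent approved 203.0.113.7
2022-05-20T14:06:00Z alice mfa_enroll success 203.0.113.7
2022-05-20T09:00:00Z bob push_sent approved 198.51.100.4
2022-05-20T17:30:00Z bob push_sent approved 198.51.100.4
"""

WINDOW = timedelta(minutes=10)   # assumed look-back window for prior prompts
PROMPT_THRESHOLD = 3             # assumed: this many rejected/timed-out prompts is suspicious


def parse_log(text):
    """Parse the constructed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, event, result, ip = line.split()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user, "event": event, "result": result, "ip": ip,
        })
    return events


def find_prompt_bombing(events, window=WINDOW, threshold=PROMPT_THRESHOLD):
    """Return one alert per approved push that was preceded, within `window`,
    by at least `threshold` prompts the user did not approve.

    Each alert also records whether a new MFA device was enrolled within
    `window` after the approval, which is the attacker's usual next step.
    """
    by_user = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_user[e["user"]].append(e)

    alerts = []
    for user, evs in by_user.items():
        pushes = [e for e in evs if e["event"] == "push_sent"]
        for i, approval in enumerate(pushes):
            if approval["result"] != "approved":
                continue
            # Prompts before this approval that were denied or timed out.
            prior = [p for p in pushes[:i]
                     if p["result"] != "approved"
                     and approval["ts"] - p["ts"] <= window]
            if len(prior) < threshold:
                continue
            enrolled = any(
                x["event"] == "mfa_enroll" and x["result"] == "success"
                and timedelta(0) <= x["ts"] - approval["ts"] <= window
                for x in evs
            )
            alerts.append({
                "user": user,
                "approved_at": approval["ts"],
                "rejected_or_timed_out": len(prior),
                "new_mfa_device_enrolled": enrolled,
                "source_ips": sorted({p["ip"] for p in prior + [approval]}),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_prompt_bombing(parse_log(SAMPLE_LOG)):
        print(alert)
```

The rule is deliberately conservative: a lone denied prompt followed by an approval is normal user behaviour, so only a burst above the threshold raises an alert, and the enrollment flag is what should push the alert to the top of a queue, since that is the moment the attacker becomes persistent.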

Security professionals note that prompt bombing exposes weaknesses in common push implementations but does not eliminate the broader protections provided by MFA. Organizations facing repeated push-based attacks are being advised to adopt stronger authentication methods and to add monitoring and access controls that stop suspicious logins before a user is asked to respond.
