Identity Threats Target Small Businesses in MFA Workarounds

Huntress's Kyle Hanslovan Warns of MFA Bypass, Rogue Apps, Fake Device Enrollments Michael Novinson (MichaelNovinson) • July 22, 2025

While multifactor authentication is considered the gold standard for identity management, attackers are now prioritizing session hijacking, rogue applications and device enrollment as methods to bypass even multi-factor authentication.

See Also: Identity and Access Management (IAM) Market Guide 2025

Hanslovan said attackers aim for persistence through malicious applications with seemingly legitimate functionality that are secretly used to siphon inbox data or maintain silent access, warned Huntress co-founder and CEO Kyle Hanslovan. And instead of relying on short-lived session tokens, Hanslovan said adversaries now try to register fake devices as trusted, enabling them to continually bypass MFA, retain long-term access and create a persistent backdoor (see: Huntress Lands $150M to Boost Posture, Recovery Capabilities).

"The most exciting cat-and-mouse tradecraft is currently happening no longer just on the endpoint," Hanslovan said. "I would ...