FIDO2 With Two Displays$\unicode{x2013}$Or How to Protect Security-Critical Web Transactions Against Malware Attacks. (arXiv:2206.13358v2 [cs.CR] UPDATED)

With the rise of attacks on online accounts in the past years, more and more
services offer two-factor authentication for their users. Having factors out of
two of the three categories something you know, something you have and
something you are should ensure that an attacker cannot compromise two of them
at once. Thus, an adversary should not be able to maliciously interact with
one's account. However, this is only true if one considers a weak adversary. In
particular, since …

attacks critical fido2 malware malware attacks protect security unicode web