Is there a reason this individual is referred to as “the man” instead of by name in this article and the linked pages? Is that an Australian convention?

It's the way it should be, rather than glorifying criminals and giving them cool names

And so a simple Google search of their name doesn't always return articles like these.

Kali Linux and Pineapple routers made me adamant about never connecting to public wi-fi without a VPN ever again.

How did he manage to bypass 2fa?

Most likely victims did not use 2FA.

In the hypothetical that they did and he were a strong hacker, he could possibly cook up a man in the middle attack - victim provides username, password, and 2FA. Man in the middle uses them to login on behalf of the victim, saves a copy of "remember this computer" type cookies, passes it all back to the victim transparently. That would be a lot harder to implement than a basic username/password phishing site however.