• Contact Us
  • [email protected]
  • Login
Upgrade
Techywild
  • APPS
  • BUSINESS
  • HEALTH
  • EDUCATION
  • ENTERTAINMENT
  • FASHION
  • GAMES
  • TECH
  • More
    • Lifestyle
    • Home improvement
    • Music
    • NEWS
    • Celebrity
    • POLITICS
    • Science
    • Space
    • SPORTS
    • TRAVEL
    • OTHER
No Result
View All Result
  • APPS
  • BUSINESS
  • HEALTH
  • EDUCATION
  • ENTERTAINMENT
  • FASHION
  • GAMES
  • TECH
  • More
    • Lifestyle
    • Home improvement
    • Music
    • NEWS
    • Celebrity
    • POLITICS
    • Science
    • Space
    • SPORTS
    • TRAVEL
    • OTHER
No Result
View All Result
Techywild
No Result
View All Result
Home APPS

Hacker finds bug that allowed anyone to bypass Facebook 2FA

ahmad khan seo by ahmad khan seo
February 2, 2023
in APPS
0
Hacker finds bug that allowed anyone to bypass Facebook 2FA

Hacker finds bug that allowed anyone to bypass Facebook 2FA

465
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

A bug in a new centralized system that Meta created for users to manage their logins for Facebook and Instagram could have allowed malicious hackers to switch off an account’s two-factor protections just by knowing their phone number.

Gtm Mänôz, a security researcher from Nepal, realized that Meta did not set up a limit of attempts when a user entered the two-factor code used to log into their accounts on the new Meta Accounts Center, which helps users link all their Meta accounts, such as Facebook and Instagram.

With a victim’s phone number, an attacker would go to the centralized accounts center, enter the phone number of the victim, link that number to their own Facebook account, and then brute force the two-factor SMS code. This was the key step, because there was no upper limit to the amount of attempts someone could make.

Once the attacker got the code right, the victim’s phone number became linked to the attacker’s Facebook account. A successful attack would still result in Meta sending a message to the victim, saying their two-factor was disabled as their phone number got linked to someone else’s account.

“Basically the highest impact here was revoking anyone’s SMS-based 2FA just knowing the phone number,” Mänôz told TechCrunch.

An email from Meta to an account owner telling them that their two-factor protections have been switched off. Image Credits: Gtm Mänôz (screenshot)

At this point, theoretically, an attacker could try to take over the victim’s Facebook account just by phishing for the password, given that the target didn’t have two-factor enabled anymore.

Mänôz found the bug in the Meta Accounts Center last year, and reported it to the company in mid-September. Meta fixed the bug a few days later, and paid Mänôz $27,200 for reporting the bug.

Meta spokesperson Gabby Curtis told TechCrunch that at the time of the bug the login system was still at the stage of a small public test. Curtis also said that Meta’s investigation after the bug was reported found that there was no evidence of exploitation in the wild, and that Meta saw no spike in usage of that particular feature, which would signal the fact that no one was abusing it.

January 30: Headline updated to reflect that only Facebook accounts were vulnerable to the bug; this was due to an editing error. ZW. 

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
Tags: Facebookfactor protectionsGtm MänôzHeadline updatedtheoretically
Previous Post

acer swift 3 sf315-41

Next Post

Three months ago, he was laid off from Twitter.

ahmad khan seo

ahmad khan seo

Related Posts

Wednesday Horror Movie
APPS

Wednesday Horror Movie

by admin
March 8, 2023
Spotify acquired Heardle, the Wordle-inspired music guessing game
APPS

Spotify acquired Heardle, the Wordle-inspired music guessing game

by ahmad khan seo
February 2, 2023
APPS

Three months ago, he was laid off from Twitter.

by ahmad khan seo
February 2, 2023
Microsoft 365 Basic launches with 100 GB of storage, Outlook and more for $1.99 per month
APPS

Microsoft 365 Basic launches with 100 GB of storage, Outlook and more for $1.99 per month

by admin
January 17, 2023
TikTok and the Fall of the Social-Media Giants
APPS

TikTok and the Fall of the Social-Media Giants

by admin
October 6, 2022
Next Post

Three months ago, he was laid off from Twitter.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Premium Content

Ansys Wins Prestigious Best Paper Award at the IEEE HOST Conference for Pioneering Semiconductor Security Solution

Ansys Wins Prestigious Best Paper Award at the IEEE HOST Conference for Pioneering Semiconductor Security Solution

July 19, 2022
Back to school sales 2022 — best deals right now

Back to school sales 2022 — best deals right now

July 30, 2022

Iphone 6s Display And Battery Health

March 8, 2023

Browse by Category

  • APPS
  • BUSINESS
  • Celebrity
  • EDUCATION
  • ENTERTAINMENT
  • FASHION
  • Food
  • GAMES
  • General
  • HEALTH
  • Home improvement
  • Lifestyle
  • Music
  • NEWS
  • Science
  • SPORTS
  • TECH
  • TRAVEL
  • Uncategorized
  • Vulputate
  • work
  • World

Browse by Tags

account advantages Alternatives Apple available benefits business Businesses Chord company customers download Explore Bali Facebook Features Galaxy important information insurance iPhone iPhone 14 Login Market Stories Netflix Online Pandemic performance pfjstores Premium requirements Samsung Samsung Galaxy Security skyward gpisd Stay Home strategy Techniques Technology United Stated Vaccine website WhatsApp Work From Home Wuhan Y2mate
Techywild

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

Learn more

© Copyright 2020 - TechyWild. All Rights Reserved.

No Result
View All Result
  • Home
  • Landing Page
  • Buy JNews
  • Support Forum
  • Contact Us

© Copyright 2020 - TechyWild. All Rights Reserved.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?