Get a Pentest and security assessment of your IT network.

Cyber Security

Researcher Bypasses Instagram 2FA to Hack Any Account

A researcher earned a $30,000 bug bounty from Facebook after discovering a weakness in the Instagram mobile recovery process that would allow account takeover for any user. Laxman Muthiyah took a look at Instagram s mobile recovery flow, which involves a user receiving a six-digit passcode to their mobile number for two-factor account authentication. With six digits that means there are 1 million possible combinations of digits making up the codes. It would cost around 150 dollars to perform the complete attack of one million codes.

Source: https://threatpost.com/researcher-bypasses-instagram-2fa/146466/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation