Facebook Bug Allows 2FA Bypass Via Instagram

Image Source: technologistan.pk

A flaw in Meta permitted cybercriminals to disable a user account’s two-factor authentication.

Meta did not impose a limit on how many attempts whenever a user inputs the two-factor code utilized to log into one‘s accounts.

Meta Accounts Center, allows users to connect all of their Meta accounts, which include Instagram and Facebook accounts.

Hackers used brute force to decode the two-factor authentication code.

When the attacker correctly entered the code, the victim’s phone number was connected to the hacker’s Facebook account.

The highest impact here was revoking anyone’s SMS-based 2FA just knowing the phone number.

Hacker might possibly attempt to obtain the victim’s Facebook account simply by spoofing the password.

Meta carried out an investigation and discovered no indications of mistreatment in the wild.

Stay Updated With Us!!