Frontier Communications password reset bug could allow hackers to bypass 2FA, take over accounts

A bug in cable and internet giant Frontier Communications’ password reset system could, until the feature was disabled, have allowed an attacker to hijack an account using just a username or password. The flaw could have let an attacker bypass the two-factor authentication access code that is sent when a user initiates a password reset.

The flaw was discovered by security researcher Ryan Stevenson, who demonstrated the password reset vulnerability in a video, ZDNet reports.

Stevenson found that the access code field was not rate-limited: the system allowed a user to submit as many codes as they wished. A determined attacker could therefore enter hundreds of six-digit access code guesses until they hit the right one.

Using a test account he created and Burp Suite, a popular intercepting proxy, Stevenson was able to recover the access code by automating the submission of hundreds of six-digit access codes one after the other and identifying the correct code, which returned a larger server response than the incorrect ones. The correct code could then be used to reset the account password.

The password reset feature is protected by a CAPTCHA form, which restricts an attacker’s ability to automate guessing and limits them to targeted attacks. A faster internet connection would nonetheless speed up the attack: Stevenson’s demonstration could only submit around 100 codes in 10 seconds, so it took him over a day to reach the right access code.
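As an added illustration from the defender's side, not code from the article or from Frontier: a password reset code verifier that closes both gaps described above, a cap on wrong guesses per reset request and a single fixed-shape response for every failure cause, so neither an unlimited retry loop nor a response-size oracle is available to a guesser. The attempt limit, code lifetime, and account names are assumptions chosen for the example.

```python
from __future__ import annotations

import hmac
import secrets
import time
from dataclasses import dataclass

CODE_DIGITS = 6
MAX_ATTEMPTS = 5         # assumption: wrong guesses allowed before the reset request is voided
CODE_TTL_SECONDS = 600   # assumption: a reset code is valid for ten minutes


@dataclass
class ResetRequest:
    code: str
    issued_at: float
    attempts: int = 0
    consumed: bool = False


class PasswordResetService:
    """Tracks pending reset requests keyed by account name (hypothetical service)."""

    def __init__(self, clock=time.time):
        self._pending: dict[str, ResetRequest] = {}
        self._clock = clock  # injectable so expiry can be tested without sleeping

    def begin_reset(self, account: str) -> str:
        # Generate the code with a CSPRNG and zero-pad it to CODE_DIGITS.
        # A real deployment delivers it out of band (SMS or e-mail) instead of returning it.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[account] = ResetRequest(code=code, issued_at=self._clock())
        return code

    def verify_code(self, account: str, submitted: str) -> dict:
        """Check a submitted code.

        Every failure (unknown account, expired code, already used, too many
        attempts, plain wrong guess) yields the identical response body, so the
        response size cannot be used to single out the correct code.
        """
        req = self._pending.get(account)
        now = self._clock()
        ok = False
        if (req is not None and not req.consumed
                and now - req.issued_at <= CODE_TTL_SECONDS):
            req.attempts += 1
            # Constant-time comparison: timing must not leak how many digits matched.
            ok = hmac.compare_digest(submitted.encode(), req.code.encode())
            if ok:
                req.consumed = True                # a code is usable exactly once
            elif req.attempts >= MAX_ATTEMPTS:
                del self._pending[account]         # void the request; user must start over
        return {"ok": ok, "message": "Request processed"}


def demo() -> dict:
    """Replay the article's scenario against the hardened verifier."""
    svc = PasswordResetService()
    real = svc.begin_reset("alice")                # constructed test account
    # Constructed guess sequence: sequential six-digit codes, skipping the real one.
    wrong = [f"{i:0{CODE_DIGITS}d}" for i in range(20) if f"{i:0{CODE_DIGITS}d}" != real]
    responses = [svc.verify_code("alice", g) for g in wrong]
    # All failures must be byte-for-byte identical in shape: exactly one distinct length.
    lengths = {len(str(r)) for r in responses}
    # After MAX_ATTEMPTS wrong guesses even the genuine code is refused.
    return {
        "distinct_response_lengths": len(lengths),
        "real_code_accepted_after_lockout": svc.verify_code("alice", real)["ok"],
    }


if __name__ == "__main__":
    print(demo())
```

The two controls work together: the attempt cap bounds the guess budget per reset request regardless of how fast the attacker's connection is, and the uniform response removes the signal that made the correct guess stand out in the intercepted traffic.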

The password reset feature from the website was blocked temporarily by the cable and internet giant after the bug was reported, a Frontier spokesperson told ZDNet. "Out of an abundance of caution while the matter is being investigated, Frontier has shut down the functionality of changing a customer's password via the web," a company spokesperson said.

It is currently unknown how long the vulnerability was live on the website or whether any attackers exploited it.