Bug Allowed Hackers to Hijack User Accounts and Signing in because T-Mobile Subscriber
Kane Gamble, a?British teenager who admitted in a court recently that she attemptedto hack to the computers of several of the top US officials, is seeking to look for vulnerabilities in T-Mobile. Reported by a latest report, the hacker found an essential security bug in the T-Mobile website that enabled attackers to hijack and take over T-Mobile’s customer accounts.
\”It’s literally like logging for your account and then stepping out of the keyboard and letting the attacker sit back.”
Gamble, now 18, pleaded guilty to 10 charges of attempted intrusions from late 2015 to mid 2016, wherein he targeted advanced officials in the usa Department of Justice. Such as?former CIA chief John Brennan; James clapper, the Director of National Intelligence within the Current; Jeh Johnson, the previous US Secretary of Homeland Security; and?John Holdren, Obama\’s former technology and science adviser.
Related“I Own You” – British Teen Pleads Guilty to Hacking into CIA Chief’s Accounts
T-Mobile continually address security issues
The telecom giant may be handling a number of security issues up to now several months. Not too long ago it had become shown that data that has reached over 76 million T-Mobile subscribers was potentially exposed as hackers exploited an online site bug for months.
The latest set of T-Mobile security bugs develops from a security researcher who\’s got been himself charged for cyber intrusions.?While Gamble awaits sentencing to the crimes that he committed whilst was 15, she has been reporting bugs, one of which is discovered way back in December.?”
Everyone that had been logging into sites could\’ve had their account hacked,\” Gamble told Motherboard for the latest T-Mobile bug.
“You might monitor it for a long time and honestly I can\’t think they\’d ever suspect it.”
While the vulnerability was discovered in December, it\’s got but now been revealed. It remains unclear why wasn’t this bug revealed and fixed more promptly. Into the carrier’s credit, after discovering the vulnerability, T-Mobile fixed it in just Round the clock and reportedly awarded hacker $5,000 to the discovery.
RelatedRemember That Mega T-Mobile Data Exposure? This company Starts Alerting Victims of “SIM Hijacking” Attempts
“This bug was confidentially reported through our Bug Bounty enter in December and fixed within a few hours,” T-Mobile said rolling around in its statement. “We found no proof customer information being compromised.”
–?The bug report isn’t publicly available and should not be verified; we certainly have written to T-Mobile for additional information and can update this space while we get more info.?