Hacker Exposes Freedom Mobile Customer Login Vulnerability

According to a new report from MobileSyrup, a hacker has uncovered a vulnerability in Freedom Mobile’s customer login system. This means that Freedom Mobile customers could be at risk of hackers gaining access to their personal information such as phone number, call history, and address.

The hacker, who goes by the username NullHumanity, showed a screenshot of code on a subreddit that appears to show them successfully brute-forcing user logins.

The login system is “forced to the Phone Number/PIN model,” which cannot be changed even if the customer calls support. This makes it easy to brute-force logins: there are only 10,000 possible four-digit PINs, and phone numbers are fairly easy to obtain.

“There are lots of services out there to identify carrier numbers.”

The hacker said that 2,000 accounts have already been identified as being at risk. The group does not intend to do anything malicious with the information they have gained, but they expect that it would be possible to target up to 350,000 accounts based on their brute force attack.

“A phone number is predictable and a 4 digit PIN isn’t secure. Figuring out matching sets can be automated easily.”

The four-digit PIN as a password for accessing online banking raises huge security concerns, which the company needs to address. NullHumanity reached out to Freedom Mobile regarding the issue and he was told that four-digit PINs provide adequate security because they are used in a lot of banking applications.

Clearly, there are some people who have yet to come to terms with today’s standard of security. That being said, it looks like Freedom Mobile has a lot of work to do in order to make their customer login system secure. Hopefully, someone at Freedom Mobile is looking into providing a solution for this outdated security system.
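
A 10,000-value PIN space only holds up if the server limits how many guesses it accepts. The sketch below is an added example, not code from Freedom Mobile or the report: it throttles failed logins per account and per source and shows how the limit bounds an attacker's odds. The thresholds, the `verify` callback and the source identifier are assumptions.

```python
import time
from collections import defaultdict

PIN_SPACE = 10_000           # four-digit PINs, as stated in the article
MAX_FAILS_PER_ACCOUNT = 5    # assumed policy: failures allowed per phone number
MAX_FAILS_PER_SOURCE = 20    # assumed policy: failures allowed per client/source
WINDOW_SECONDS = 900         # assumed sliding window for both counters


class LoginThrottle:
    """Caps failed PIN attempts per account and per source in a sliding window."""

    def __init__(self, verify, now=time.monotonic):
        self.verify = verify              # callable(phone, pin) -> bool (hypothetical)
        self.now = now                    # injectable clock, for testing
        self.account_fails = defaultdict(list)
        self.source_fails = defaultdict(list)

    def _recent(self, bucket, key):
        # Drop failures older than the window, then count what is left.
        cutoff = self.now() - WINDOW_SECONDS
        bucket[key] = [t for t in bucket[key] if t > cutoff]
        return len(bucket[key])

    def attempt(self, phone, pin, source):
        # Refuse before checking the PIN, so a locked account leaks nothing.
        if self._recent(self.account_fails, phone) >= MAX_FAILS_PER_ACCOUNT:
            return "locked"
        # The per-source cap covers one client cycling through many numbers.
        if self._recent(self.source_fails, source) >= MAX_FAILS_PER_SOURCE:
            return "throttled"
        if self.verify(phone, pin):
            self.account_fails.pop(phone, None)
            return "ok"
        stamp = self.now()
        self.account_fails[phone].append(stamp)
        self.source_fails[source].append(stamp)
        return "denied"


def guess_probability(attempts_allowed):
    """Chance of hitting a uniformly random PIN within the allowed attempts."""
    return min(attempts_allowed, PIN_SPACE) / PIN_SPACE
```

With five attempts per window the chance of guessing a random PIN is 0.05% per window, against certainty when all 10,000 guesses are accepted; users who pick common PINs are still exposed, which is why a longer secret or a second factor is the real fix.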

Melvin
8 years ago

Thanks.
Just changed my PIN. They won’t be able to guess it cuz I used opposite thinking so to fooled them.

Got Game? Get Game! ???
Reply to  Melvin
8 years ago

Guessed it… 1234

poopchute
Reply to  Got Game? Get Game! ???
8 years ago

Ha!
You are sooooooo wrong!
It’s 4321. So there.

IS
Reply to  Melvin
8 years ago

Another dumb person here... Brute-forcing means they used an automated script to try every combination from 0000 to 9999. “Using opposite thinking” has nothing to do with the brute-forcing method. lol

ticky13
Reply to  IS
8 years ago

Exactly! This is why using PINs is dumb… but not as dumb as only allowing four digits in a PIN.

Riley Freeman
8 years ago

For such a young carrier, this type of stuff is not good. They better shape up.
