Security News > 2022 > December > Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication.
Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.
All Xfinity customers we spoke to said they have two-factor authentication enabled on their accounts, yet the threat actors could bypass it and log in to their accounts.
A researcher has told BleepingComputer that the attacks are being conducted through credential stuffing attacks to determine the login credentials for Xfinity attacks.
Once they gain access to the account and are prompted to enter their 2FA code, the attackers allegedly use a privately circulated OTP bypass for the Xfinity site that allows them to forge successful 2FA verification requests.
"I spoke to a second person in the xfinity security department that told me not to worry about the fraudulent yopmail account on my xfinity account and indicated that this had happened with many xfinity accounts," a user posted to Reddit about the hacks.
News URL
Related news
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)