Security News > 2022 > December > Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
2022-12-22 19:32

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication.

Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.

All Xfinity customers we spoke to said they have two-factor authentication enabled on their accounts, yet the threat actors could bypass it and log in to their accounts.

A researcher has told BleepingComputer that the attacks are being conducted through credential stuffing attacks to determine the login credentials for Xfinity attacks.

Once they gain access to the account and are prompted to enter their 2FA code, the attackers allegedly use a privately circulated OTP bypass for the Xfinity site that allows them to forge successful 2FA verification requests.

"I spoke to a second person in the xfinity security department that told me not to worry about the fraudulent yopmail account on my xfinity account and indicated that this had happened with many xfinity accounts," a user posted to Reddit about the hacks.


News URL

https://www.bleepingcomputer.com/news/security/comcast-xfinity-accounts-hacked-in-widespread-2fa-bypass-attacks/