Clever hacker and all around cool guy Dylan Saccomanni viciously pwn'd the popular messaging application GroupMe last week.
The exploit allowed an attacker to signup for a new account while using the phone number of an existing user. The only verification required at that point was a four digit PIN that could be easily brute-forced.
To their credit, GroupMe responded rapidly to Saccomanni's notice and the issue appears to have been resolved.
No comments:
Post a Comment