A bug in a new centralized system that Meta created for users to manage their logins for Facebook and Instagram could have allowed malicious hackers to switch off an account’s two-factor protections just by knowing their email address or phone number.
Gtm Mänôz, a security researcher from Nepal, realized that Meta did not set up a limit of attempts when a user entered the two-factor code used to log into their accounts on the new Meta Accounts Center, which helps users link all their Meta accounts, such as Facebook and Instagram.
With a victim’s phone number or email address, an at
Hacker finds bug that allowed anyone to bypass Facebook and Instagram 2FA
![](https://xn--9ckkn2541by7i2mhgnc67gnu2h.xyz/wp-content/uploads/2023/01/facebook-email-two-factor-1.jpg)
コメント