A security researcher found a bug on Samsung’s website which could have allowed hackers to fully take over a user account just by tricking the user into clicking on a malicious link. The vulnerability was reported to Samsung earlier this month by Ukrainian bug bounty hunter Artem Moskowsky.
ZDNet reports that at the heart of this vulnerability is what the security industry calls a cross-site request forgery (CSRF) exploit. It lets hackers trick the target’s browser into sending hidden requests to other sites the user is logged into while the user is on the attacker’s site; because the browser attaches the victim’s session cookies automatically, those sites treat the forged requests as the user’s own.
Moskowsky actually discovered three CSRF-related issues in the company’s account management system. The first would have enabled attackers to change the profile details of their target. The second would have let them disable two-factor authentication, and the third would have allowed a change of the security question. It’s the third one that could have potentially been used to take over accounts.
The attacker could have tricked the user into clicking on a malicious link which would have changed their security question and its answer. A password recovery could then have been initiated with the attacker-chosen security question to gain access. Samsung quickly patched the bugs after they were reported by the security researcher. The company awarded Moskowsky $13,300 for his disclosures.
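The defence that closes this class of bug, shown as an added example rather than Samsung’s own code: a change-security-question handler that rejects any request a third-party page could have forged, by checking the Origin header and a per-session anti-CSRF token that a cross-site page cannot read. The in-memory session store, user record and site origin are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed stand-ins for the server's session store and user records.
SESSIONS = {}  # session_id -> {"user": str, "csrf_token": str}
USERS = {"alice": {"security_question": "First pet?", "answer_hash": ""}}
SITE_ORIGIN = "https://account.example.test"  # assumed origin of the account site


def create_session(user: str) -> str:
    """Log a user in: mint a session id and a token bound to that session."""
    session_id = secrets.token_urlsafe(32)
    SESSIONS[session_id] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return session_id


def csrf_token_for(session_id: str) -> str:
    """The legitimate form embeds this value; same-origin policy keeps it
    out of reach of a page on another site."""
    return SESSIONS[session_id]["csrf_token"]


def change_security_question(cookie_session_id: str, form: dict, origin: str):
    """State-changing handler. The session cookie arrives automatically on
    any request the browser makes, so it proves nothing about who built the
    request. Two independent checks close the CSRF hole:
      1. Origin must match the site (browsers set it on cross-site POSTs;
         a missing header is treated as cross-site).
      2. The form must carry the token bound to this session.
    Returns (ok, reason)."""
    session = SESSIONS.get(cookie_session_id)
    if session is None:
        return False, "not logged in"
    if origin != SITE_ORIGIN:
        return False, "cross-site origin rejected"
    supplied = str(form.get("csrf_token", "")).encode()
    if not hmac.compare_digest(supplied, session["csrf_token"].encode()):
        return False, "missing or invalid CSRF token"
    user = USERS[session["user"]]
    user["security_question"] = form["question"]
    # Stand-in for a slow password hash; never store the answer in clear.
    normalized = form["answer"].strip().lower().encode()
    user["answer_hash"] = hashlib.sha256(normalized).hexdigest()
    return True, "updated"
```

The forged request from a malicious page carries the victim’s cookie but neither the matching Origin nor the token, so it fails before any state changes.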