Top
Some of the biggest web hosting sites were vulnerable to simple account takeover hacks

Some of the biggest web hosting sites were vulnerable to simple account takeover hacks

January 14, 2019

Category:

A security researcher has found, reported, and now disclosed a dozen bugs that made it easy to steal sensitive information or take over any customer’s account from some of the largest web hosting companies on the internet.

In some cases, clicking on a simple link would have been enough for Paulos Yibelo, a well-known and respected bug hunter, to take over the accounts of anyone using five large hosting providers — Bluehost, Dreamhost, Hostgator, OVH, and iPage.

“All five had at least one serious vulnerability allowing a user account hijack,” he told TechCrunch, which he shared his findings with before going public.

Read More on Tech Crunch