Researchers have found a vulnerability in cPanel and WHM. With a zero-day attack that is a brute force, hackers can easily bypass the 2-Factor Authentication (2FA).
The SEC-575 vulnerability allowed attackers to try limitless 2FA codes until finding the right one and gain access to the account. Usually, brute force attacks take more hours or even days to execute, but this time it only took a couple of minutes.
BitNinja's Log Analysis protects your servers against brute force attacks
“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes. This allowed an attacker to bypass the two-factor authentication check using brute force techniques.” explained the cPanel security team.
After the hackers successfully got access, they were able to control the sites and underlying server settings.
This exploit also requires valid credentials, but hackers can easily overcome that hurdle with a tricky phishing mail.
If you are a BitNinja user, you can sit back in your armchair and don’t have to worry about this vulnerability because our Log Analysis module defends your servers automatically against brute force attacks 24/7.
If you haven’t registered to BitNinja yet, then this is the time! We have a Black Friday Special offer for you: now you can enjoy the free trial with full functionality for 2 weeks instead of the usual 1 week! No credit card needed!
Have a Hacker-free Festive Season!
