Another day, another major flaw, this time in TransUnion, that allows bypassing security

Jenya Kushnir, published in InfoSec Write-ups, Jan 15, 2023 (4 min read)

Here we go. Again.

Let me start by saying it is really irresponsible of major companies like Experian, TransUnion, and Equifax to even have this kind of bug and such critical errors in their security systems.

The last time it was an Experian bypass that let you change a string in the URL and go straight to the credit report, bypassing all the security questions.

This time it's TransUnion. Visit one of their websites at https://membership.trueidentity.com/tucm/orderStep1_form.page?

image 1

My name is Jenya Kushnir and I am an independent cybersecurity researcher from Ukraine. While doing some research and looking at the code, I noticed a bug: fill out the information as in (image 1) and get to the section where you have to enter the last 4 digits of the SSN.

image 2

The next step is (image 2): after you fill out all the information, point the mouse next to the box where you enter the last 4 digits of your SSN and right-click to show the menu.

image 3

Here you have to select the inspector (image 3).

image 4

After you open the inspector, it highlights the corresponding line of code, as in (image 4) above.

image 5

Point the mouse at the highlighted line in the inspector, right-click, and select Delete element, as in (image 5) above.

image 6

And here comes the most interesting part of this boring process of entering information.

After you delete the element, you should see something like (image 6): the input box for the last 4 digits of the SSN is gone. Now you can click the Submit button and be taken to the next page, Step 2.

This bug in the code allows the SSN to be bypassed in TransUnion's verification process, skipping identity verification by SSN entirely.
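What the server-side check for this form step should look like, as an added example that is not TransUnion's code: the handler re-validates every required field itself, so a submission that arrives without the last-4 SSN field is rejected even though the browser form no longer contains the input. Field names, the step structure and the sample submissions are assumptions constructed for the example.

```python
import re

# Fields the server requires for step 1, independent of what the browser
# form happened to render. Field names are assumptions for this example.
REQUIRED_FIELDS = ("first_name", "last_name", "dob", "address", "phone", "ssn_last4")

SSN_LAST4_RE = re.compile(r"^\d{4}$")


def validate_step1(form: dict) -> list[str]:
    """Return the validation errors for a step-1 submission.

    The list is empty only when every required field is present and well
    formed. Presence is checked here, on the server, so deleting the
    <input> element in the browser's inspector cannot skip the check.
    """
    errors = []
    for field in REQUIRED_FIELDS:
        value = form.get(field)
        if value is None or not str(value).strip():
            errors.append(f"missing required field: {field}")
    ssn = form.get("ssn_last4")
    if ssn and not SSN_LAST4_RE.fullmatch(str(ssn).strip()):
        errors.append("ssn_last4 must be exactly four digits")
    return errors


def handle_step1(form: dict) -> tuple[int, dict]:
    """Simulated request handler: 400 with errors, or 200 advancing to step 2."""
    errors = validate_step1(form)
    if errors:
        # A submission with no ssn_last4 key at all is worth logging: the
        # unmodified form always sends the field, so its absence is a signal
        # that the client-side form was tampered with.
        return 400, {"errors": errors}
    return 200, {"next": "step2"}


# Constructed sample submissions (not real data).
COMPLETE = {"first_name": "Jane", "last_name": "Doe", "dob": "1990-01-01",
            "address": "1 Example St", "phone": "5550100", "ssn_last4": "1234"}
# The same submission with the SSN field removed client-side, as in the write-up.
NO_SSN = {k: v for k, v in COMPLETE.items() if k != "ssn_last4"}

if __name__ == "__main__":
    print(handle_step1(COMPLETE))  # (200, {'next': 'step2'})
    print(handle_step1(NO_SSN))    # (400, {'errors': ['missing required field: ssn_last4']})
```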

image 7

In Step 2 you create a username and password for your account as usual (image 7); after completing that, you can proceed to Step 3 by clicking the I accept button.
In Step 3 you get a screen with an option to confirm your identity by receiving an SMS or phone call with a verification code. The phone number is the one you entered at the beginning, on the first page (image 1).

Alternatively, instead of a verification code via SMS, you get the usual identity verification questions (spoiler: if you get three questions, you only have to answer one correctly; if you get four questions, only two of the four must be answered correctly).

image 8

Final thoughts.

If someone asked me how bad it is, I would answer: really bad. Not only does this allow me to bypass the security check without the last 4 digits of my SSN, but with it I can take anyone's name, address, and DOB and pull their credit report, and from there the list of options open to identity thieves goes on.

As an example of one more problem with TransUnion: when you pull a credit report, they display your accounts in the format shown in (image 9), which shows the full account number except for the last four digits. There are credit score websites where identity thieves can pull a credit score, and those display the last four digits of account numbers. Combining the two gives identity thieves the full account number.

P.S. another story for another day.

image 9

A little personal message to readers: thank you for reading this and sharing it with others.
It's really hard right now here with the whole war going on, power blackouts, and everything else. I don't want to sound petty, but if someone can help out, I'd really appreciate donations.

I'd use this to upgrade my gear, buy a power generator and maybe a Starlink so I can do more research and try to help stop identity thieves and make it harder for them.

Wallet addresses below for donations
