Online services often contain hidden weaknesses that attackers can use to take over accounts. One such weakness was found in the password reset system of Elisa, a company that offers online services. A bug hunter named bucen discovered this problem and earned a $2000 bounty for it. This article explains how the vulnerability works, how it was found, and why it matters to fix it. Let's dive in!
Account takeover means someone can take control of your account by tricking the system. In this case, the issue was in Elisa's password reset feature. When you forget your password, the system emails you a special token (a secret code). Presenting that token proves to the system that you are the account owner and lets you set a new password. But the token had a serious flaw that let attackers take over any customer's account, even important Elisa staff accounts.
The problem happened because the token was made with a weak method: AES encryption in ECB mode. ECB encrypts each block of data independently, so identical input blocks produce identical output blocks and no integrity check ties the blocks together. Patterns in the data show through, and pieces of the token can be altered without the system noticing, which made it easy for attackers to guess and change the token.
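To make the ECB weakness concrete, here is an added Go example (not code from Elisa or from bucen's report): it shows the two properties of AES-ECB described above, pattern leakage and independently encrypted blocks, and the usual fix of binding a token to its contents with an HMAC so that any change is rejected. The token layout, field values and key are constructed for the demo.

```go
package main
import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)
// ecbEncrypt: AES on each 16-byte block independently, which is all ECB mode is
// (Go's standard library deliberately ships no ECB mode, so it is spelled out).
func ecbEncrypt(key, pt []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(pt))
	for i := 0; i+16 <= len(pt); i += 16 {
		blk.Encrypt(ct[i:i+16], pt[i:i+16])
	}
	return ct
}

// ECBLeaksPattern: equal plaintext blocks give equal ciphertext blocks, so a
// token's field layout and repeated values show through without the key.
func ECBLeaksPattern(key []byte) bool {
	ct := ecbEncrypt(key, []byte("uid=000000000042uid=000000000042")) // constructed
	return string(ct[:16]) == string(ct[16:])
}
// ECBBlocksAreIndependent: blocks do not chain and nothing checks integrity, so one
// token's first block glued to another's rest is a valid ciphertext never issued.
func ECBBlocksAreIndependent(key []byte) bool {
	a := ecbEncrypt(key, []byte("uid=000000000042exp=202501011200"))
	b := ecbEncrypt(key, []byte("uid=000000000007exp=203001011200"))
	spliced := append(append([]byte{}, b[:16]...), a[16:]...)
	return string(spliced) == string(ecbEncrypt(key, []byte("uid=000000000007exp=202501011200")))
}
// The fix: bind the token to its contents with an HMAC (an AEAD such as AES-GCM
// also works). Verify rejects a payload or tag that differs by even one byte.
func Tag(macKey []byte, payload string) string {
	m := hmac.New(sha256.New, macKey)
	m.Write([]byte(payload))
	return hex.EncodeToString(m.Sum(nil))
}
func Verify(macKey []byte, payload, tag string) bool {
	return hmac.Equal([]byte(Tag(macKey, payload)), []byte(tag)) // constant-time
}
func main() {
	key := []byte("0123456789abcdef") // constructed demo key; a real service uses a random secret
	fmt.Println(ECBLeaksPattern(key), ECBBlocksAreIndependent(key), Verify(key, "x", Tag(key, "x")))
}
```

The two ECB checks print true for any key, which is exactly the problem; the HMAC check prints true only for the genuine payload and tag pair.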