Most movies and TV shows commonly try to get the advantage of viral marketing these days, but very few are more well-suited to it.

We all know that the very popular USA Network’s “Mr. Robot” aired its first season last summer, and now it is assumed to be one of the best computer hacking series in recent memory.

A Severe Security Flaw Was Detected On Mr.Robot’s Season 2 Website

Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker suffering from social anxiety disorder and clinical depression.

Recently the network launched a new promotional website known as “whoismrrobot.com” to jumpstart the viral marketing for its next series of Mr.Robot (Mr.Robot season 2).

However, the network has recently fixed a severe security flaw in its promotional website, which could have easily allowed any nefarious hackers to access the show’s millions of fans.

But, the network should thanks to the alias Zemnmez, a white hat hacker who identified a Cross-Site Scripting (XSS) vulnerability in the promotional website of “Mr. Robot” on Tuesday, when the site was launched.

The new series of Mr.Robot (Mr.Robot season 2) also features a surprising guest, the President of the US, Barack Obama, who is giving a speech about a cyber threat faced by the country.

However, the alias Zemnmez, a white hat hacker who reported the XSS vulnerability to the “Mr. Robot” creator, could have performed many malicious tasks. Still, instead of performing any malicious tasks, the white hat hacker Zemnmez responsibly reported the XSS vulnerability to the creator of Mr. Robot, Sam Esmail.

As we mentioned earlier, the network confirmed that they had fixed the error late Tuesday night.

As the white hat hacker, Zemnmez reported that the XSS vulnerability could have allowed any attacker to apply malicious Javascript files and codes to steal users’ information and include the Facebook data of the users of the “Mr. Robot” website who entered a quiz.

Moreover, the white hat hacker, Zemnmez said that “A threat actor with XSS on whoismrrobot.com could [have used] the XSS vulnerability to inject Javascript, which inherits the ability to read Facebook information from the society game,” Zemnmez said. “This could be done mostly silently if correctly engineered with a short popup window”.

LEAVE A REPLY

Please enter your comment!
Please enter your name here