“Around 40% websites adopts password reset code composed of numbers and of some fixed length”, TheHackerNews said.
For what the hacker did, the other hackers will surely take advantage of it, to which the tool can be downloaded easly on Mozilla Add-ons’ official website.
Apparently, the hacker could hit lots of website which contains the system hole. The bad part is, most of all penetrated websites by this hacking method are websites that provides SMS Services, and in fact, most of these are sending limited number of strings by which the method could be easy applied.
Screenshot source: www.mozilla.net