Facebook Vulnerability Allows Hacker to Alter Conversations

Facebook Vulnerability Allows Hacker to Alter Conversations

  • By Sydny Shepard
  • Jun 07, 2016

An online security company, Check Point Software Technologies, found a security flaw in Facebook’s Messenger platform that allowed hackers to change messages in a Facebook chat after they had been sent.

It goes like this – someone could send you a link, any link that is not malicious in any way. A hacker then swoops in and replaces that chat message with a different link that could send you to a malware installation package, tricking you into infecting your system.

The vulnerability, explained in detail on Check Point’s blog, is exploited by finding a message’s unique “message_id” identifier then altering the message’s content and sending it back to Facebook which accepts the new content as genuine, without alerting the recipient of the change.

According the Check Point, the vulnerability was found earlier this month, and Facebook has been notified. The social media network moved quickly to eradicate the problem.

The Facebook Messenger vulnerability comes as founding father of Facebook, Mark Zuckerburg’s credentials to sites like Pinterest and Twitter were leaked as a likely result of the LinkedIn password hack in revealed in May. Other sites like MySpace and Tumblr have been battling password leaks as well.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • The Future is Happening Outside the Cloud

    For years, the cloud has captivated the physical security industry. And for good reason. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. But as the number of cameras grows and resolutions push from HD to 4K and beyond, the cloud’s limits are becoming unavoidable. Bandwidth bottlenecks. Latency lags. Rising storage costs. These are not abstract concerns. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

  • Unlocking Trustworthy AI: Building Transparency in Security Governance

    In situations where AI supports important security tasks like leading investigations and detecting threats and anomalies, transparency is essential. When an incident occurs, investigators must trace the logic behind each automated response to confirm its validity or spot errors. Demanding interpretable AI turns opaque “black boxes” into accountable partners that enhance, rather than compromise, organizational defense. Read Now

Most   Popular

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.