Hackers Can Now Hack Facebook Messenger App

A newly discovered vulnerability in Facebook Messenger could have allowed an attacker to modify or remove any sent message, photo, file, or link. The flaw, which was discovered by Check Point Software Technologies, has already been disclosed to Facebook’s security team, which worked with Check Point to patch the vulnerability.

“By exploiting this vulnerability, cybercriminals could change a whole chat thread without the victim realizing. What’s worse, the hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations,” Oded Vanunu, head of Products Vulnerability Research at Check Point, said in a blog post. “We applaud Facebook for such a rapid response and putting security first for their users.”

The exploit relies on the way Facebook assigns identifiers to chat messages. Each chat message has a unique "message_id" identifier that could be revealed by sending a request to www.facebook.com/ajax/mercury/thread_info.php.

Once the message_id is identified, an attacker could alter the corresponding message content and send it back to Facebook’s servers, which accept the new content as legitimate and push it back to the victim’s PC or mobile device.

The Check Point security team said: “Each message in the Facebook chat applications, both online and mobile, has its own identifier ‘message_id’ parameter. An attacker can store this request, containing the identifier, via a proxy while he launches his malicious attempt.”
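The flaw described above comes down to a server accepting new content for an already delivered message_id. The sketch below is an added example, not Facebook's or Check Point's code: the `MessageStore` class, its fields, and the sample messages are hypothetical and constructed, and it contrasts that behaviour with a store that treats message_id as write-once and records the attempted change for detection.

```python
import hashlib

def digest(body):
    """Short content fingerprint for the audit trail."""
    return hashlib.sha256(body.encode("utf-8")).hexdigest()[:12]

class MessageStore:
    """Hypothetical in-memory chat store keyed by message_id."""

    def __init__(self, write_once):
        self.write_once = write_once
        self.messages = {}  # message_id -> (sender, body)
        self.audit = []     # rejected attempts to change a stored message

    def submit(self, message_id, sender, body):
        existing = self.messages.get(message_id)
        if existing is None:
            self.messages[message_id] = (sender, body)
            return "stored"
        if existing == (sender, body):
            return "duplicate"  # harmless retry of the same message
        if not self.write_once:
            # Behaviour the article describes: new content for a known
            # message_id is accepted as legitimate and replaces the original.
            self.messages[message_id] = (sender, body)
            return "overwritten"
        # Hardened: a delivered message is immutable; record the attempt.
        self.audit.append({"message_id": message_id, "sender": sender,
                           "stored": digest(existing[1]), "offered": digest(body)})
        return "rejected"

    def body(self, message_id):
        return self.messages[message_id][1]

def resubmit(write_once):
    """Send a message, then resubmit the same message_id with new content."""
    store = MessageStore(write_once)
    # Constructed sample messages; example.com links are placeholders.
    store.submit("mid.1001", "alice", "See the contract at https://example.com/a")
    result = store.submit("mid.1001", "alice", "See the contract at https://example.com/b")
    return result, store.body("mid.1001"), len(store.audit)

if __name__ == "__main__":
    print("flawed  :", resubmit(write_once=False))
    print("hardened:", resubmit(write_once=True))
```

The audit entries give a detection signal: any "rejected" record means someone resubmitted a known message_id with different content.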

According to the Check Point research team, this type of hack could have a drastic impact on users, as Facebook plays an important role in everyday activities and this type of loophole can be costly.

The Check Point research team said:

“Malicious users can manipulate message history as part of fraud campaigns. A malicious actor can change the history of a conversation to claim he had reached a falsified agreement with the victim, or simply change its terms.”
“Hackers can tamper, alter or hide important information in Facebook chat communications which can have legal repercussions. These chats can be admitted as evidence in legal investigations and this vulnerability opened the door for an attacker to hide evidence of a crime or even incriminate an innocent person.”
“The vulnerability can be used as a malware distribution vehicle. An attacker can change a legitimate link or file into a malicious one, and easily persuade the user to open it. The attacker can use this method, later on, to update the link to contain the latest C&C address, and keep the phishing scheme up to date.”

Typically, ransomware campaigns only last a few days because security companies are able to block the links and command and control addresses once they become known, forcing the attackers to begin their campaigns all over again from scratch.

The Messenger vulnerability, on the other hand, could have allowed hackers to use automation techniques to continually outsmart security measures when the command and control servers are replaced.

For now, I suggest you update your Facebook Messenger app to the latest version.

Reviewed by Tech Ugly on Wednesday, June 08, 2016
