Thursday , December 13 2018
Home / Facebook / How Facebook 50 Millions Users Were Hacked

How Facebook 50 Millions Users Were Hacked

In order to gain access to Facebook’s ability to control accounts of 50 million users, hackers provided more information about how to exploit three different bugs.

Social network forced 90 million people – about 50 million victims as well as 40 million additional who may be affected, according to the company, to log out and log in again. That’s because hackers have stolen “access tokens”, when you create a Facebook while logging in and want to open another part of Facebook inside the Facebook mobile app browser, for example (this is when you click on a link You may click.)

An access token does not include the password of the user, but since it allows the user to be logged in to access tokens, this means that you can fully control the account.

How Facebook 50 Millions Users Were Hacked

“In some parts of our site, a system called Single Sign-On is used which creates a new access token,” Facebook’s Vice President of Product Management, Guy Rosen, told reporters on a press call. “The way it works: Suppose I’m logged into the Facebook mobile app and it wants to open another part of Facebook inside the browser, what will it do to generate a token on that single sign-on Use the browser functionality, so that means you do not need to login again to that window. ”

Best Facebook Auto likerAllAutoliker.com


Rosen said hackers have taken advantage of three different vulnerabilities to steal the towers.

If you have not used the feature before, it can be difficult to imagine or imagine. Actually, suppose you want to hide some wall posts from your slavery john. You can change your Facebook privacy settings to allow John to view only a few posts. Then, to check that the changes in your privacy settings really work, you can use the View AS feature to view your profile like you were John. You are not really John, and you do not have access to their account – this is just a simulation. But if you were a hacker, then to gain access to John’s access token, and then log in to his account using that token, so these bugs will have given you permission, so take full control over their account Will happen.

The vulnerability exists at least since July 2017, and related to Facebook’s “View Age” tool, which allows you to view your profile as if you were someone else (this is a privacy feature – for example, you Check whether your former, or grandmother, or anyone who wants to hide things, can see some posts on your page.)

If you have not used the feature before, it can be difficult to imagine or imagine. Actually, suppose you want to hide some wall posts from your slavery john. You can change your Facebook privacy settings to allow John to view only a few posts. Then, to check that changes in your privacy settings really work, you can use the View AS feature to view your profile like you were John. You are not really John, and you do not have access to their account – this is just a simulation. But if you were a hacker, then get access to John’s access token, and then log in to your account using that token, so these bugs would have given you permission, so take full control over their account.

The vulnerability exists at least from July 2017, and is related to Facebook’s “View Edge” tool, which allows you to view your profile as if you were someone else (this is a privacy feature – for example, you check Whether your former, or grandmother, or anyone who wants to hide things can see some posts on your page.)

Rosen said that he believed this was a relatively sophisticated attack, especially 50 million to login separately: “It’s a complex conversation with many bugs that have happened together.”

Rosen said, “i saw this attack being used extensively, we searched for it and started investigating and got an attack on the attack.” “We do not know how the accounts were misused so far.”

Ryan Stortz, a security researcher from Trail of Bits, told the motherboard that Facebook should have the ability to find this bug before hackers.

Storrs told the motherboard in an online chat, “Facebook has a full API filter that they stream all account changes (writes), which should have caught it.” “I do not know what the blame was, but if they handled Zak’s account, then it is bad and they should have a filter filter to stop them.”

But a former Facebook security engineer said that there was not a small bug to find it.

“It looks like hell of a search, the view is a code for a while, so I’m not surprised that there are some bugs in it,” Jack Morris, who works in the Facebook Security Department from 2012 to 2016 Told the motherboard. “But it is very effective to turn it off in full access tokens.”

Also Read –

About admin

admin
We Provide great tutorials for beginners

Check Also

New Auto Liker Login Method Without Facebook Check Point or ID Lock

Hello World, In This Post We Know New Auto Liker Login Method Without Facebook Check Point …

One comment

  1. I have been browsing online greater than three hours nowadays, yet I by no means discovered any fascinating article like yours.
    It is lovely worth enough for me. Personally, if all webmasters and
    bloggers made good content material as you did,
    the web will be a lot more useful than ever before.

Leave a Reply

Your email address will not be published. Required fields are marked *