#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Facebook hacking | Breaking Cybersecurity News | The Hacker News

Category — Facebook hacking
Another Facebook hack exposes primary email address facebook users

Another Facebook hack exposes primary email address facebook users

Jul 21, 2013
Last week we explained a critical vulnerability in Facebook that discloses the primary email address of facebook user. Later the bug was patched by Facebook Security Team. Today another similar interesting Facebook hack disclosed by another bug hunter, Roy Castillo. On his blog he explained a new facebook hack method that allows anyone to grab primary emails addresses of billions of Facebook users easily. Facebook Provides a App Dashboard for creating and managing your Facebook apps, with a range of tools to help you configure, build and debug your Facebook apps. The flaw exists in App settings, where application admin can add developer's profile also, but if the user is not a verified user, a error messages on page will disclose his primary email address. Using following mentioned steps, one was able to grab email addresses of all facebook users: Collect profile links of all facebook users from Facebook People Directory i.e https://www.facebook.com/directo...
Vulnerability in Facebook discloses Primary Email Address of any account

Vulnerability in Facebook discloses Primary Email Address of any account

Jul 09, 2013
When you sign up on Facebook, you have to enter an email address and that email address becomes your primary email address on Facebook. In a recent disclosure by a Security researcher, Stephen Sclafani - The Social Networking site Facebook was  vulnerable to disclosure of primary email address of any Facebook user to hackers and spammers . The flaw resides in the invitation mechanism of Facebook, using which one can invite his all contacts emails to Facebook for making new account. As shown in following screenshot, an invitation received on an email, where one need to click the Signup URL: After clicking that URL, invited user will be redirected to a signup page filled in with the email address and the name of a person who used the link to sign up for an account was displayed: There are two parameters in this URL, i.e "re" and "mid". According to Stephen changing some part of "mid" parameter can expose the email address of another user. http:/...
How AI Is Transforming IAM and Identity Security

How AI Is Transforming IAM and Identity Security

Nov 15, 2024Machine Learning / Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human identities — now, autonomous systems, APIs, and connected devices also fall within the realm of AI-driven IAM, creating a dynamic security ecosystem that adapts and evolves in response to sophisticated cyber threats. The Role of AI and Machine Learning in IAM AI and machine learning (ML) are creating a more robust, proactive IAM system that continuously learns from the environment to enhance security. Let's explore how AI impacts key IAM components: Intelligent Monitoring and Anomaly Detection AI enables continuous monitoring of both human and non-human identities , including APIs, service acc...
Facebook implementing Advanced HTTPS to minimize NSA Interception

Facebook implementing Advanced HTTPS to minimize NSA Interception

Jun 29, 2013
For years the National Security Agency has successfully shielded its surveillance programs from any real public scrutiny. There have been a lot of news stories about NSA surveillance programs following the leaks of secret documents by Edward Snowden . We have learned that the NSA is collecting millions of Americans' phone records on a daily basis, that it operates a program called PRISM involving the surveillance of Internet communications, including Email, Facebook posts, and instant messages. The NSA is allowed to record the conversations of non-Americans without a specific warrant for each person monitored, if at least one end of the conversation is outside of the U.S. It is also allowed to record the communications of Americans if they are outside the U.S. and the NSA first gets a warrant for each case. Because Facebook is using outdated Web encryption, which cryptographers say the NSA could penetrate reasonably quickly after intercepting the communicatio...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Facebook temporarily blocked access from TOR, but not Intentionally

Facebook temporarily blocked access from TOR, but not Intentionally

Jun 20, 2013
Tor has become a tool of free expression in parts of the world where citizens can not speak freely against their government. On Tuesday, a number of users have noticed that Facebook is blocking connections from the Tor network. Tor is a free tool that keeps Web browsing sessions private and anonymous . For activists and political dissidents who use the Internet to communicate with the outside world in countries where doing so is a crime , being unable to login to Facebook using TOR posed a huge problem. Later, Facebook resolves the Tor issues and said that A high volume of malicious activity across Tor exit nodes triggered Facebook's automated malware detection system, which temporarily blocked visitors who use the Tor anonymity service to access the social network . The role that Tor and Facebook played in facilitating the dissemination of information under restrictive regimes cannot be underestimated. Security researchers are also frequent users of Tor, f...
Warning ! Facebook virus Zeus targets bank accounts

Warning ! Facebook virus Zeus targets bank accounts

Jun 05, 2013
The infamous Zeus malware has once again resurfaced as per Symantec and is capable of draining your bank accounts. Zeus propagates through phishing messages that originate from an account that has been phished. Such a phished account will then start automatically sending messages to friends with links to ads telling them to check out a video or product.  Of course, you should not click as doing so will get your account phished as well. The program is sophisticated enough that it can replace a bank's Web site with a mimicked page of its very own. The fake page can then ask for social security number information and other data that is then sold on the black market.  According to Trend Micro the pages are being hosted by the Russian criminal gang known as the Russian Business Network. Zeus was first detected in 2007 and it is spreading online. If you click on the Zeus virus, it is designed to steal your password and drain your bank account. Facebook is aware o...
Hacking Instagram Accounts using OAuth vulnerability

Hacking Instagram Accounts using OAuth vulnerability

May 02, 2013
' Nir Goldshlager ' known as Facebook hacker and founder of Break Security  , who reported many critical bugs in Facebook OAuth mechanism in past few months, today disclose a critical  vulnerability in Instagram Oauth that allow an attacker to hack any account. Succesful hack allows attacker to access private photos, ability to delete victim's photos and to edit comments and also the ability to post new photos. Hacker explained that there are two ways to hack Instagram accounts using OAuth, first via Hijack Instagram accounts using the Instagram OAuth or Hijack Instagram accounts using the Facebook OAuth Dialog. During his bug hunting Nir found loopholes in Instagram's security parameters i.e redirect_uri , that allows  attacker to pass the access token to his own domain with mx as suffix i.e code straight to breaksec.com.mx . POC :  https://instagram.com/oauth/authorize/?client_id=33221863eec546659f2564dd71a8a38d&redirec...
Another way to hack Facebook accounts using OAuth vulnerability

Another way to hack Facebook accounts using OAuth vulnerability

Apr 17, 2013
In recent few months White hat Hacker ,' Nir Goldshlager ' reported many critical bugs in Facebook OAuth  mechanism, that allowed an attacker to hijack any Facebook account without user's interaction.  Another hacker, ' Amine Cherrai ' reported a new Facebook OAuth flaw, whose exploitation is actually very similar to Nir Goldshlager 's findings but with a new un-patched way. Before reading further, I would like to suggest you to read following post to understand the basic exploitation mechanism: Facebook OAuth flaw allows gaining full control over any Facebook account Facebook hacking accounts using another OAuth vulnerability URL Redirection flaw in Facebook apps push OAuth vulnerability again in action Now, if you are aware about the vulnerability used against Facebook OAuth in  redirect_uri parameter in  the URL, there is another way that  Amine Cherrai found, to bypass the patch applied by F...
URL Redirection flaw in Facebook apps push OAuth vulnerability again in action

URL Redirection flaw in Facebook apps push OAuth vulnerability again in action

Apr 04, 2013
In earlier posts, our Facebook hacker ' Nir Goldshlager ' exposed two serious Facebook oAuth Flaws. One, Hacking a Facebook account even without the user installing an application on their account and second, various ways to bypassing the regex protection in Facebook OAuth. This time, Nir illustrated a scenario attack  " what happens when a application is installed on the victim's account and how an attacker can manipulate it so easily " According to hacker, if the victim has an installed application like Skype or Dropbox, still hacker is able to take control over their accounts.  For this, an attacker required only a url redirection or cross site scripting  vulnerability on the Facebook owner app domain i.e in this scenario we are talking about skype facebook app. In many bug bounty programs URL redirection is not considered as an valid vulnerability for reward i.e Google Bug bounty Program. Nir also demonstrated...
Phishers hijacking Facebook Pages using apps

Phishers hijacking Facebook Pages using apps

Mar 08, 2013
Another phishing campaign come in action recently targeting Facebook accounts and company pages with millions of followers. Phishers continue to devise new fake apps for the purpose of harvesting confidential information. Not a new method, but very creative phishing example in Facebook hacking scene, where hacker host a phishing page on Facebook app sub domain itself. Designed very similar to Facebook Security team with title ' Facebook Page Verification ' and using Facebook Security Logo as shown in the screenshot posted above. Phishing app URL: https://apps.facebook.com/verify-pages/ Application hosted on:   https://talksms.co.uk/ The phishing page asking users to enter Page URL and Page Name that victim own and his Facebook login email ID with password. Once victim trapped in hacker web, the phisher records your information. Another interesting fact is that, the phishing domain https://talksms.co.uk/ is a HTTPS site with with verifi...
Microsoft becomes latest victim of Cyber attack

Microsoft becomes latest victim of Cyber attack

Feb 23, 2013
Microsoft has become the latest victim of to Cyber attack and confirm that small number of its computers, including some in its Mac software business unit, were infected with malware . Microsoft added , malicious software used in a cyber attack is very similar to those experienced by Facebook and Apple recently. Microsoft gave few other details about the break-in, " We have no evidence of customer data being affected and our investigation is ongoing. " " During our investigation, we found a small number of computers, including some in our Mac business unit that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing, " Microsoft said. " This type of cyber attack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries ," the company said. Last week, Apple said its...
Malware attack on Apple employees by hackers who targeted Facebook

Malware attack on Apple employees by hackers who targeted Facebook

Feb 20, 2013
The same ring of hackers that are responsible for hacking into at least 40 companies including Facebook and Twitter are reportedly also infected the computers of some Apple employees, the company acknowledged Tuesday. The purpose of hack considered an effort to steal company secrets, research and intellectual property that they can sell. Investigators tracked at least one server being used by the hacker ring to a hosting company in the Ukraine. " Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers, " the company said in its statement. " The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network ." Apple isolated the infected systems from its network and said there was no indication that...
PokerAgent botnet stole over 16,000 Facebook credentials

PokerAgent botnet stole over 16,000 Facebook credentials

Jan 29, 2013
PokerAgent botnet was discovered in 2012 by ESET Security Research Lab, which is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to  latest report , the botnet is still active mostly in Israel and 800 computers were infected, where over 16194 Facebook credentials stolen. The Trojan is active with many variants and belongs to MSIL/Agent.NKY family. ESET reveal that, the Trojan is coded in C# language and easy to decompile. After deep analyse, team found that the bot connects to the C&C server. On command, Trojan access the Facebook account of victim and collects the Zynga Poker stats and number of payment methods (i.e. credit cards) saved in the Facebook account. Once collected, information sent back to the C&C server. The Trojan is downloaded onto the system by another downloader componen...
Password reset Vulnerability in Facebook Employees Secure Files Transfer service

Password reset Vulnerability in Facebook Employees Secure Files Transfer service

Jan 07, 2013
Many be many of you are not aware about this, but Facebook having a Secure Files Transfer service for their Employees at https://files.fb.com  and Hacker reported a very critical password reset vulnerability. Nir Goldshlager , a researcher told ' The Hacker News ' that how he defeat Facebook 's Secure Files Transfer service and help Facebook by reporting them about this issue in a responsible non-disclosure way till patch. After analyzing the site, he found that the script Facebook is using is actually " Accellion Secure File Sharing Service " script and so next he download the demo version of service from Accellion website and explore the source codes and file locations. He found that, there is a user registration page also available in source, that was also on files.fb.com. Unfortunately Facebook had removed the Sign up option (link) from homepage, but forget to remove the registration page from its actual location i.e (/courier...
Facebook Camera App Vulnerable to Man in The Middle Attack

Facebook Camera App Vulnerable to Man in The Middle Attack

Dec 26, 2012
Egypt-based security researcher reported that Facebook Camera App for mobiles are Vulnerable to Man in The Middle Attack , that allow an attacker to tap the network and hijack Camera users accounts and information like email addresses and passwords can be stolen . Mohamed Ramadan trainer with Attack-Secure, who previously reported us about similar vulnerability in Etsy app for iPhone Mohamed explains " The problem is that the app accepts any SSL certification from any source, even evil SSL certifications, and this enables any attacker to perform man in the middle attacks against anyone who uses the Facebook Camera app for IPhone. This means that the application doesn't warn the user if someone in the same (Wi-Fi network) is trying to hijack his or her Facebook account. " Facebook suggest users to upgrade the Camera application To Version 1.1.2. A statement released by the company says " We applaud the security researcher who brought...
Russian Underground Cybercrime market offering sophisticated services

Russian Underground Cybercrime market offering sophisticated services

Nov 05, 2012
Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it will cost you somewhere in the region of $700. If you just want to hire someone else's botnet for an hour, though, it can cost as little as $2. There are at least 20 different types of services offered in Russian-speaking forums for just about anyone who wants to make a buck off of cybercrime, everything from crime-friendly VPN and security software-checking services to plain old off-the-shelf exploits. " As the Russian underground community continuously modifies targets and improves technologies, security companies and users must constantly face the challenge of effectively protecting their money and the information they store in their computers and other devices ," the ...
Expert Insights / Articles Videos
Cybersecurity Resources