#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Hacking Facebook account | Breaking Cybersecurity News | The Hacker News

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts
Oct 14, 2022
A PHP version of an information-stealing malware called  Ducktail  has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions (.NetCore), the latest version (PHP) also aims to exfiltrate sensitive information related to saved browser credentials, Facebook account information, etc.," Zscaler ThreatLabz researchers Tarun Dewan and Stuti Chaturvedi  said . Ducktail, which emerged on the threat landscape in late 2021, is attributed to an unnamed Vietnamese threat actor, with the malware primarily designed to hijack Facebook business and advertising accounts. The financially motivated cybercriminal operation was  first documented  by Finnish cybersecurity company WithSecure (formerly F-Secure) in late July 2022. While previous versions of the malware were found to use Telegram as a command-and-control (C2) channel to exfiltrate information, the PHP var

Beware! New Android Malware Hacks Thousands of Facebook Accounts

Beware! New Android Malware Hacks Thousands of Facebook Accounts
Aug 09, 2021
A new Android trojan has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries since March 2021 via fraudulent apps distributed through Google Play Store and other third-party app marketplaces. Dubbed " FlyTrap ," the previously undocumented malware is believed to be part of a family of trojans that employ social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating out of Vietnam, according to a  report  published by Zimperium's zLabs today and shared with The Hacker News. Although the offending nine applications have since been pulled from Google Play, they continue to be available in third-party app stores, "highlighting the risk of sideloaded applications to mobile endpoints and user data," Zimperium malware researcher Aazim Yaswant said. The list of apps is as follows - GG Voucher (com.luxcarad.cardid)  Vote European Football (com.gardengu

How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive
Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme
Dec 06, 2019
Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and Ad fraud. Facebook filed the lawsuit on Thursday in the Northern District of California against ILikeAd Media International Company Ltd. as well as a Chinese software developer and a marketing director working for the firm, Chen Xiao Cong and Huang Tao. All three defendants have been alleged to have deceived people into installing malware on their systems, enabling them to compromise user's Facebook accounts and then using those hacked accounts to advertise counterfeit goods and diet pills—which is clearly in violation of Facebook's Terms and Advertising Policies. "The suit seeks to hold accountable ILikeAd Media International Company Ltd. and Chen Xiao Cong and Huang Tao for creating the malware, tr

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

cyber security
websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
Mar 26, 2019
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and confidentiality of the traffic, it makes it harder for white hat hackers and security researchers to intercept and analyze network traffic to find server-side security vulnerabilities. For those unaware, Certificate Pinning is a security mechanism designed to prevent users of an application from being a victim of network-based attacks by automatically rejecting the whole connection from sites that offer bogus SSL certificates. Dubbed " Whitehat Settings ," the new option now lets researchers easily bypass Certificate Pinning on the Facebook-owned mobile apps by: Disabling Facebook's TLS 1.3 support Enabling proxy for Platform API requests

Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext

Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext
Mar 21, 2019
Holy moly, Facebook is again at the center of a new privacy controversy after revealing today that its platform mistakenly kept a copy of passwords for "hundreds of millions" users in plaintext. What's more? Not just Facebook, Instagram users are also affected by the latest security incident. So, if you are one of the affected users, your Facebook or Instagram password was readable to some of the Facebook engineers who have internal access to the servers and the database. Though the social media company did not mention exactly what component or application on its website had the programmatic error that caused the issue, it did reveal that the company discovered the security blunder in January this year during a routine security check. In a blog post published today, Facebook's vice president of engineering Pedro Canahuati said an internal investigation of the incident found no evidence of any Facebook employee abusing those passwords. "To be clear, t

Facebook Finds 'No Evidence' Hackers Accessed Connected Third-Party Apps

Facebook Finds 'No Evidence' Hackers Accessed Connected Third-Party Apps
Oct 03, 2018
When Facebook last weekend disclosed a massive data breach—that compromised access tokens for more than 50 million accounts —many feared that the stolen tokens could have been used to access other third-party services, including Instagram and Tinder, through Facebook login. Good news is that Facebook found no evidence "so far" that proves such claims. In a blog post published Tuesday, Facebook security VP Guy Rosen revealed that investigators "found no evidence" of hackers accessing third-party apps with its "Login with Facebook" feature. "We have now analyzed our logs for all third-party apps installed or logged in during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login," Rosen says. This does not mean that the stolen access tokens that had already been revoked by Facebook do not pose any threat to thousands of third-party services using Face

Facebook Hacked — 10 Important Updates You Need To Know About

Facebook Hacked — 10 Important Updates You Need To Know About
Sep 29, 2018
If you also found yourself logged out of Facebook on Friday, you are not alone. Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach. On Friday afternoon, the social media giant disclosed that some unknown hackers managed to exploit three vulnerabilities in its website and steal data from 50 million users and that as a precaution, the company reset access tokens for nearly 90 million Facebook users. We covered a story yesterday based upon the information available at that time. Facebook Hack: 10 Important Updates You Need To Know About However, in a conference call [ Transcript 1 , Transcript 2 ] with reporters, Facebook vice president of product Guy Rosen shared a few more details of the terrible breach, which is believed to be the most significant security blunder in Facebook's history. Here's below we have briefed the new developments in the Facebook data breach incident that you need to know abo

Beware of Cryptocurrency Mining Virus Spreading Through Facebook Messenger

Beware of Cryptocurrency Mining Virus Spreading Through Facebook Messenger
Dec 22, 2017
If you receive a video file ( packed in zip archive ) sent by someone ( or your friends ) on your Facebook messenger — just don't click on it. Researchers from security firm Trend Micro are warning users of a new cryptocurrency mining bot which is spreading through Facebook Messenger and targeting Google Chrome desktop users to take advantage of the recent surge in cryptocurrency prices. Dubbed Digmine , the Monero-cryptocurrency mining bot disguises as a non-embedded video file, under the name "video_xxxx.zip" (as shown in the screenshot), but is actually contains an AutoIt executable script. Once clicked, the malware infects victim's computer and downloads its components and related configuration files from a remote command-and-control (C&C) server. Digimine primarily installs a cryptocurrency miner, i.e.  miner.exe—a modified version of an open-source Monero miner known as XMRig —which silently mines the Monero cryptocurrency in the background for h

Wait, Do You Really Think That's A YouTube URL? Spoofing Links On Facebook

Wait, Do You Really Think That’s A YouTube URL? Spoofing Links On Facebook
Oct 30, 2017
While scrolling on Facebook how you decide which link/article should be clicked or opened? Facebook timeline and Messenger display title, description, thumbnail image and URL of every shared-link, and this information are enough to decide if the content is of your interest or not. Since Facebook is full of spam, clickbait and fake news articles these days, most users do not click every second link served to them. But yes, the possibility of opening an article is much higher when the content of your interest comes from a legitimate and authoritative website, like YouTube or Instagram. However, what if a link shared from a legitimate website lands you into trouble? Even before links shared on Facebook could not be edited, but to stop the spread of misinformation and false news, the social media giant also removed the ability for Pages to edit title, description, thumbnail image of a link in July 2017. However, it turns out that—spammers can spoof URLs of the shared-links t

Scam Alert: Your Trusted Friends Can Hack Your Facebook Account

Scam Alert: Your Trusted Friends Can Hack Your Facebook Account
Oct 13, 2017
If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they've added you as one of their ' Trusted Contacts '—just don't blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced technical user into falling victim to the scam, helping an attacker gain access to your Facebook account. This latest social media scam is abusing "Trusted Contact"—a Facebook account recovery feature that sends secret access codes to a few of your close friends in order to help you regain access to your Facebook account in case you forget your password or lost access to your account. According to a public security alert published by AccessNow, the attack initiates by an already compromised account of one of your friends, asking for urgent help to get back into his/her Facebook account. The attacker explains that you are listed as one of his/her Trusted Conta

Facebook Unveils 'Delegated Recovery' to Replace Traditional Password Recovery Methods

Facebook Unveils 'Delegated Recovery' to Replace Traditional Password Recovery Methods
Jan 31, 2017
How do you reset the password for your Facebook account if your primary email account also gets hacked? Using SMS-based security code or maybe answering the security questions? Well, it's 2017, and we are still forced to depend on insecure and unreliable password reset schemes like email-based or SMS code verification process. But these traditional access recovery mechanisms aren't safe enough to protect our all other online accounts linked to an email account. Yahoo Mail can be used as an excellent example. Once hackers have access to your Yahoo account, they can also get into any of your other online accounts linked to the same email just by clicking the link that says, "Forgot your password?" Fortunately, Facebook has a tool that aims to fix this process, helping you recover access to all your other online accounts securely. At the Enigma Conference in Oakland, California on Monday, Facebook launched an account recovery feature for other websites

Facebook Buys Leaked Passwords From Black Market, But Do You Know Why?

Facebook Buys Leaked Passwords From Black Market, But Do You Know Why?
Nov 10, 2016
Facebook is reportedly buying stolen passwords that hackers are selling on the underground black market in an effort to keep its users' accounts safe. On the one hand, we just came to know that Yahoo did not inform its users of the recently disclosed major 2014 hacking incident that exposed half a billion user accounts even after being aware of the hack in 2014. On the other hand, Facebook takes every single measure to protect its users' security even after the company managed to avoid any kind of security scandal, data breach or hacks that have recently affected top notch companies. Speaking at the Web Summit 2016 technology conference in Portugal, Facebook CSO Alex Stamos said that over 1.3 Billion people use Facebook every day, and keeping them secure is building attack-proof software to keep out hackers, but keeping them safe is actually a huge task. Stamos said there is a difference between 'security' and 'safety,' as he believes that his team

Hacker reveals How He Could have Hacked Multiple Facebook Accounts

Hacker reveals How He Could have Hacked Multiple Facebook Accounts
Aug 27, 2016
How to Hack a Facebook Account? That's possibly the most frequently asked question on the Internet today. Though the solution is hard to find, a white hat hacker has just proven how easy it is to hack multiple Facebook accounts with some basic computer skills. Your Facebook account can be hacked, no matter how strong your password is or how much extra security measures you have taken. No joke! Gurkirat Singh from California recently discovered a loophole in Facebook's password reset mechanism that could have given hackers complete access to the victim's Facebook account, allowing them to view message conversations and payment card details, post anything and do whatever the real account holder can. The attack vector is simple, though the execution is quite difficult. The issue, Gurkirat ( @GurkiratSpeca ) says, actually resides in the way Facebook allows you to reset your password. The social network uses an algorithm that generates a random 6-digit passcode ‒

Hacker reports Vulnerability in Mr. Robot Season 2 Website

Hacker reports Vulnerability in Mr. Robot Season 2 Website
May 12, 2016
Mr. Robot was the biggest 'Hacking Drama' television show of 2015 and its second season will return to American TV screens on Wednesday 13th of July 2016. However, the new promotional website for season two of Mr. Robot has recently patched a security flaw that could have easily allowed a hacker to target millions of fans of the show. A White Hat hacker going by the alias Zemnmez discovered a Cross-Site Scripting (XSS) vulnerability in Mr. Robot website on Tuesday, the same day Mr. Robot launched a promo for its second series. The second season of the television show had already received praise from both critics and viewers for its relatively accurate portrayal of cyber security and hacking, something other cyber crime movies and shows have failed at badly. The new series also features a surprising yet welcome guest: President Barack Obama , who is giving a speech about a cyber threat faced by the nation. The flaw Zemnmez discovered on the show's website coul

Ever Wondered How Facebook Decides — How much Bounty Should be Paid?

Ever Wondered How Facebook Decides — How much Bounty Should be Paid?
Mar 18, 2016
Facebook pays Millions of dollars every year to researchers and white hat hackers from all around the world to stamp out security holes in its products and infrastructure under its Bug Bounty Program. Facebook recognizes and rewards bug hunters to encourage more people to help the company keep Facebook users safe and secure from outside entities, malicious hackers or others. Recently, the social media giant revealed that India is on top of all countries to report the maximum number of vulnerabilities or security holes in the Facebook platform as well as holds the top position in the country receiving the most bug bounties paid. "India is home to the largest population of security researchers participating in the Facebook bug bounty program since its inception in 2011. The country also holds the top spot for most bounties paid," Adam Ruddermann, Facebook's technical program manager notes . If you are one of the Facebook's bug hunters, you might be aware of the fact t

Hacker Reveals How to Hack Any Facebook Account

Hacker Reveals How to Hack Any Facebook Account
Mar 08, 2016
Hacking Facebook account is one of the major queries of the Internet user today. It's hard to find — how to hack Facebook account , but an Indian hacker just did it. A security researcher discovered a 'simple vulnerability' in the social network that allowed him to easily hack into any Facebook account, view message conversations, post anything, view payment card details and do whatever the real account holder can. Facebook bounty hunter Anand Prakash from India recently discovered a Password Reset Vulnerability , a simple yet critical vulnerability that could have given an attacker endless opportunities to brute force a 6-digit code and reset any account's password. Here's How the Flaw Works The vulnerability actually resides in the way Facebook's beta domains handle 'Forgot Password' requests. Facebook lets users change their account password through Password Reset procedure by confirming their Facebook account with a 6-digit c

Here's the Facebook Hacking Tool that Can Really Hack Accounts, But...

Here's the Facebook Hacking Tool that Can Really Hack Accounts, But...
Feb 09, 2016
Yes, you heard me right. A newly discovered Facebook hacking tool actually has the capability to hack Facebook account, but YOURS , and not the one you desire to hack. How to Hack Facebook account? How to Hack my Girlfriends Facebook account? My boyfriend is cheating on me, How do I hack his Facebook Account? These are the queries that most of the Internet users search on Google. But Beware! If you come across any Facebook hacking tool that promises you to help you hack your friends Facebook accounts, you may end up downloading a hacking tool that could hack you, instead of them. Facebook  Hacking Tool that Can Really Hack, But Your Accounts Dubbed Remtasu , the tool is marketing itself as a Facebook hacking tool but actually is a Windows-based Trojan that has accelerated globally over the past year, and has now capability to disguise itself as an app for accessing people's Facebook account credentials. The tool contains a Keylogger that can captur

Facebook adds Built-in Tor Support for its Android App

Facebook adds Built-in Tor Support for its Android App
Jan 19, 2016
Rejoice for Privacy Lovers! Facebook today took a surprising move by announcing that it is bringing the free anonymizing software TOR support to its Android app , almost two years after the social network planned to make Facebook available directly over Tor network. Yes. Believe it or not, the Android version of the popular Facebook application now supports the Tor anonymity network. In October 2014, Facebook launched a .onion website on TOR in order to let its users around the world access its service more securely. Access Facebook over TOR via Orbot This latest move to expand that access to the Android app opens up the option to millions more users to maintain their privacy when they visit the world's most popular social network. Facebook says "a sizeable community of people" are already accessing the site over TOR, so the company is bringing this feature to Android via the free Orbot proxy app , which is available on the Google's Play

Mark Zuckerberg Just Quits his Job at Facebook — Check Yourself!

Mark Zuckerberg Just Quits his Job at Facebook — Check Yourself!
Nov 19, 2015
Yes, you heard it right. Mark Zuckerberg has left his job at Facebook. Don't believe me? I can prove it to you. —  Check this Facebook Post by yourself  — This is weird, Isn't it? But, don't be surprised or shocked, because what you just saw was only an illusion. This is actually a minor bug in the popular social media website that allows anyone to manipulate the life event of any user who has his work status posted on Facebook. The bug, uncovered by the independent hacker Sachin Thakuri , is not a technical flaw. So how was he able to do this? All Thakuri did is took the original URL of Mark Zuckerberg life event: https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647&hash=971179541251&pagefilter=3 &ustart=1 &__mref=message_bubble ...and remove the ustart=1 parameter, which left him with: https://www.facebook.com/zuck/timeline/story?ut=32&wstart=-2051193600&wend=2147483647&ha
Cybersecurity Resources