Red Security
News A vulnerability that Allows Hackers to Hijack Facebook Accounts - Printable Version

+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News A vulnerability that Allows Hackers to Hijack Facebook Accounts (/showthread.php?tid=1409)



A vulnerability that Allows Hackers to Hijack Facebook Accounts - Mr.Kurd - 03-04-2020

In The Name OF Allah
Al-Salam Alekum

[Image: social-1206612_960_720.png]

Facebook is not secure nor other social media account that way it is better to check your Security Manually and never give your sensitive info on through them..

Quote:A cybersecurity expert recently found a vulnerability in FB's "login with the Facebook feature." According to the expert, the vulnerability allows hackers to steal "Access Token," and the hacker can also hijack the victim's FB account. FB uses "OAuth 2.0" as a verification process that helps exchange FB tokens and also gives 3rd parties access permission. To know more about OAuth 2.0, the readers can find information on the internet.


The vulnerability exists in the "Login with Facebook" option that eventually lets hackers make a phony website which they used for exchanging Access Tokens for other applications that include Spotify, Netflix, Instagram, Tinder, Oculus, etc besides the hijacked FB profiles. Once the hacker succeeded in hijacking the targeted FB accounts using the Access Tokens, he had access to personal data that includes private messages, photos, videos, and also the account setup credentials.



The Source
Big Grin
Wa Salam Alekum