07 June 2016, USA :
Seems like Mark Zuckerberg is having bad days at the office, first his account twitter and pinterest were hacked and now there’s security flaw in Facebook Messenger!
Researchers say they uncovered a vulnerability in Facebook’s popular Messenger app that would have allowed hackers to alter any sent message or attachment. putting millions at risk.
The security loophole was uncovered earlier this month by Check Point Security Researcher Roman Zaikin.
The firm warned the vulnerability could have had a “severe” impact on users. Fraudsters could manipulate message histories to claim an agreement had been reached with victims, hackers could tamper with conversations and incur legal repercussions and the issue could be used to distribute malware.
An attacker could change a legitimate link or file in a chat into one pointing to malicious apps and ransomware. The link could even be updated again in the future with the same technique, keeping the campaign up to date.
“By exploiting this vulnerability, cybercriminals could change a whole chat thread without the victim realizing,” said Oled Vanunu, Head of Products Vulnerability Research at Check Point. “What’s worse, the hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations.”
“Facebook responded rapidly to Check Point’s responsible disclosure and after a joint effort the vulnerability was promptly patched,” Mr Vanunu said.
“We applaud Facebook for such a rapid response and putting security first for their users.”
Recent reports say Facebook has plans to beef up Messenger’s security by adding end-to-end encryption just like WhatsApp, iMessage and other secure chat apps.
Read More : Zuckerberg Hacked on Twitter and Pinterest; His Password was ‘dadada’
