Facebook Instagram Twitter Vimeo Youtube
Sign in
  • Home
  • latest tech
    • PRIVACY AND SECURITY
  • Featured
    • SOFTWARE
  • Social Media
  • Mobiles
  • others
    • Games
    • Uncategorized
  • Contact Us for Quality content, blog posts, and links at techmistake.com
Sign in
Welcome!Log into your account
Forgot your password?
Password recovery
Recover your password
Search
Tech Mistake Find new tech and its mistake
  • Home
  • latest tech
    • PRIVACY AND SECURITY
  • Featured
    • SOFTWARE
  • Social Media
  • Mobiles
  • others
    • Games
    • Uncategorized
  • Contact Us for Quality content, blog posts, and links at techmistake.com
Home Social Media Facebook hacker stole login information
  • Social Media

Facebook hacker stole login information

By
admin
-
October 29, 2018
0
1260
Facebook
Twitter
Pinterest
WhatsApp
    Facebook hacker

    Facebook hacker: This morning, Facebook disclosed a widespread security flaw that could have allowed hackers or other malicious third parties to access an affected user’s account by gleaning their security token. The flaw affected as many as 50 million people, and Facebook says it’s forcibly making around 90 million users log back into their accounts in full today to be safe. The company says that’s because, in addition to the impacted accounts. Around 40 million additional people simply used the exploitable feature since the exploit was active starting in July of 2017.

    Tech mistake | It also says it’s fixed the issue and alerted law enforcement, indicating that this is not an engineering mistake. But a purposeful exploit was discovered and used by some third-party organization or hacker. The company says its engineering team was made aware of the issue on September 25th. But Guy Rosen, Facebook’s vice president of product management, says it’s not clear whether accounts were compromised when the issue was exploited, or who might have been behind the attack.

    AN ATTACKER EXPLOITED FACEBOOK’S VIEW AS A FEATURE TO GLEAN USER SECURITY TOKENS

    “On Tuesday, we discovered that an attacker exploited a technical vulnerability to steal access tokens that would allow them to log into about 50 million people’s accounts on Facebook,” wrote CEO Mark Zuckerberg in a post to his personal Facebook page. “We do not yet know whether these accounts were misused. But we are continuing to look into this and will update when we learn more.” Facebook hacker

    The flaw could have let someone exploit the “View As” feature. And that lets you view your own profile as it appears to another user or the public. As a way of evaluating your specific sharing settings. However, it appears that the feature inadvertently exposed Facebook security tokens when someone selected a profile as the desired View As target. That would let someone gain access to the person’s account. Facebook access tokens are the digital keys that allow mobile users to log in to their accounts without having to retype their passwords.

    With full access to a user’s account. The attackers could have used any third-party app that was logged in via Facebook, the company said late Friday.

    In addition to making 90 million users log back in today, Facebook said it’s also disabling the View. As feature “while it conducts a thorough security review.” The company gives a bit of technical analysis about how the exploit worked, but they’re still aren’t a lot of concrete details here:

    This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted “View As.” The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.

    On a call with reporters following the announcement. Facebook said that the “video uploading feature” in July of last year was related to a tool. And it allowed users to upload birthday videos in a way that would allow the View As feature to expose secure information, but only when interacting with two other bugs. The company also confirmed that no credit card info was exposed. Facebook hacker

    Kevin Roose

    ✔@kevinroose

    Facebook’s @guyro says that the breach that affected 50 million users involved a vulnerability in a tool that allowed users to upload Happy Birthday videos

    10:30 AM – Sep 28, 2018
    • 156

    • 106 people are talking about this

    Twitter Ads info and privacy

    Dustin Volz

    ✔@dnvolz

    I asked Facebook how sophisticated the hackers were and whether this could be nation-state activity. Rosen says attack was “complex” and leveraged three multiple bugs that interacted together. “We may never know” the identity of the hackers, Rosen adds.

    10:31 AM – Sep 28, 2018
    • 117

    • 128 people are talking about this

    Twitter Ads info and privacy

    News of this security exploit comes just hours after a prominent Taiwanese hacker by the name of Chang Chi-yuan pledged to delete Zuckerberg’s personal page on Sunday as a way to demonstrate some type of security flaw in Facebook, Chang’s proficiency as a hacker, or both. It was not immediately clear whether the issue affecting Facebook’s View As the feature is the one Chang intended to exploit. But the timing had some suspecting they could be related.

    Facebook said on the call with reporters today that the View As exploit does not have anything to do with Chang’s stunt, which he reportedly planned to stream on Facebook Live. Later on in the day, Chang backed down from his pledge, writing on his personal page that he “reported the bug to Facebook. And I will show proof when I get the bounty.”

    A more pressing concern for Facebook is the absence of a chief security officer. After former CSO Alex Stamos left the company last month.

    Following Stamos’ departure, Facebook said it would not be filling the CSO role. And would instead restructure its security organization. And embed specialists through its many divisions. A Facebook spokesperson said at the time that the company would “continue to evaluate what kind of structure works best” to protect users’ security.

    Following widespread news coverage of the exploit, Facebook users began reporting that the social network was blocking news links regarding the hack from The Associated Press and The Guardian, leading more cynical critics of the company to assume it was purposefully suppressing negative news about itself on its own platform.

    View image on Twitter

    View image on Twitter

    Jed Bracy@JedBracy

    Facebook is preventing users from posting The Guardian’s report on the Facebook data breach. Ouch. https://www.theguardian.com/technology/2018/sep/28/facebook-50-million-user-accounts-security-berach …

    12:33 PM – Sep 28, 2018
    • 1,160

    • 1,104 people are talking about this

    Twitter Ads info and privacy

    Facebook later confirmed to The Verge that the stories were being shared so frequently that they tripped the company’s internal spam detection tools. “We fixed the issue as soon as we were made aware of it. And people should be able to share both articles,” the company said. “We apologize for the inconvenience.”

    Update 9/28, 6:22PM ET. Added comment from Facebook about blocking news links.

    1Update 9/28, 5:22 PM ET: Added information from a second call with reporters.

    2Update 9/28, 1:35 PM ET: Added information from Facebook’s call with reporters this afternoon.

    Update 9/28, 4:41 PM ET: Added information about Facebook’s internal spam detection tools tripping over fast-spreading Guardian and AP links, as well as an update on Chang Chi-yuan backing down from his pledge to hack Zuckerberg’s page.

    The article was originally published here.

    To get more knowledge about the Facebook hacker, please visit our site: www.techmistake.com

    • TAGS
    • Around 90 million users now have to log back into their accounts to be safe
    • deactivated facebook account hacked
    • facebook account hacked and deleted
    • facebook account hacked and locked
    • facebook account hacked and password changed
    • facebook account hacked email changed
    • facebook hacked helpline
    • facebook hacked how to fix
    • Facebook hacker stole login information for 50 million accounts
    • facebook hacker v.3.0 password
    • fb hack direct
    • fbpasshacking.com fb-hack
    • hack facebook account using url online >
    • hack.fb.id 100% working
    • hacked facebook account password list
    • How can I find out if someone is accessing my Facebook account?
    • how to block facebook account permanently without password
    • how to delete my hacked facebook account without password
    • how to delete someone facebook account permanently
    • how to get back hacked facebook account with old password
    • how to recover a hacked facebook account and secure within 10 steps
    • how to recover facebook account without email
    • how to recover facebook password without email and phone number
    • how to recover facebook password without email and phone number 2018
    • how to recover hacked facebook account
    • how to recover hacked facebook account without email
    • how to recover hacked facebook account without email and phone number
    • keylogger facebook hack online
    • my facebook account is hacked and password is changed
    • my fb account is hacked and email changed
    • my fb account is hacked how to delete it
    • my fb account is hacked how to recover it
    • recover hacked facebook account through friends
    • someone hacked my facebook account and changed my password and email
    • someone hacked my fb account and changed the password
    • the only facebook account hacker with 71% success rate-hayy
    • www.facebook.com/hacked name
    • www.facebook.com/hacked password
    Facebook
    Twitter
    Pinterest
    WhatsApp
      Previous articleGmail add-ons like Dropbox can now be easily accessed
      Next articleGmail Design: Gmail’s biggest redesign is now live
      admin
      admin
      http://forupon.com/
      I am Muhammad Asif Sidiq and working as blogger in tech mistake and For upon which is the best company. I want to share our experience on your website through quality article… View our Guest Posting Sites which will give you good free back links.
      © Newspaper WordPress Theme by TagDiv