Sunday, 30 September 2018

Facebook account hack: what happened, how happened and what you should do now

Facebook account hack: what happened, how happened and what you should do now

On Saturday, a case of data theft of five million users of Facebook was revealed. After this, Facebook said that due to a security flaw, it happened that the hackers entered the accounts of the people and hacked their ID. However, Facebook has completely eliminated this flaw. Facebook said in its reply that Facebook's feature view has been used to hack users' accounts. After which Facebook has logged out all these users' accounts. Its purpose was to save the account from Bich i.e. hacking.

How did it happen?

Facebook announced on Friday that five crore accounts were affected due to hackers creating a security threat. This big social network of the world said that this week we came to know that hackers stole 'Access tokens' which caused the accounts to be affected. 'Access tokens' are one type of digital keys, so hackers are able to access those accounts. "It is clear that the attackers succeeded in breaking the code of Facebook," said Ge Rosen, vice president of Facebook's Product Management.

What did Mark Zuckerberg say

Mark Zuckerberg said that engineers detected this weakness on Tuesday, it was fixed by Thursday night. They said, 'We have removed these drawbacks and have informed law enforcement This is a serious issue. Please inform that Facebook has temporarily removed the 'View Age' feature. This feature is a privacy tool that allows the user to see how his own profile will look like a different user.

What was wrong in the View As feature?

Vice President of Facebook's Product Management, Guy Rosen, said that three bugs were seen in the access token, causing the access token to be affected. Because of this, whenever users tried to open their Facebook through the app, they were being logged out again and again. Rosen explained that the first bug was that "when you use View as function to view your profile as another person, then the video uploader should not really appear at all". But in some cases it happened. Second, the video uploader "used a single sign-in" to generate an access token with the permissions of Facebook Mobile Apps.
After all, when the video uploader will appear as "View Es" as it has generated an access token, which should not have been done, "Rosen said that hackers used this combination so that the system was weak and the ID got hacked.''

Founder and CEO of Lucideus Security firm and Founder Saket Modi said that whenever a user changes his MAC address and IP address, changes in tokens also occur. This means that its hacker can fool Facebook and target the user's account. Where the hacker has complete control over the user's account.

What do u do

Users should log out all the accounts with which they have logged into the account so that their account is safe then password should be changed if possible.

No comments:

Post a Comment