Logged out from your Facebook account automatically? Well you’re not alone…
Facebook just admitted that an unknown hacker or a group of hackers exploited a zero-day vulnerability in its social media platform that allowed them to steal secret access tokens for more than 50 million accounts.
UPDATE: 10 Important Updates You Need To Know About the Latest Facebook Hacking Incident.
In a brief blog post published Friday, Facebook revealed that its security team discovered the attack three days ago (on 25 September) and they are still investigating the security incident.
The vulnerability, whose technical details has yet not been disclosed and now patched by Facebook, resided in the “View As” feature—an option that allows users to find out what other Facebook users would see if they visit your profile.
According to the social media giant, the vulnerability allowed hackers to steal secret access tokens that could then be used to directly access users’ private information without requiring their original account password or validating two-factor authentication code.
Secret access tokens “are the equivalent of digital keys that keep people logged in to Facebook, so they don’t need to re-enter their password every time they use the app.”
images from Hacker News
Recent Comments