Tuesday, June 7, 2016

Hacking of Facebook Messenger

Recently Check Point disclosed a vulnerability found in Facebook Messenger, it allows an attacker to change conversation thread in the Facebook messenger.

Hacker can manipulate message history of a conversation to claim he had reached a falsified agreement with the victim, or simply change its terms.

Hackers can tamper, alter or hide important information in Facebook chat communications which can have legal repercussions. These chats can be admitted as evidence in legal investigations and this vulnerability opened the door for an attacker to hide evidence of a crime or even incriminate an innocent person.

This vulnerability can also be used as a malware distribution. An attacker can change a legitimate link or file into a malicious one, and easily persuade the user to open it. The attacker can use this method later on to update the link to contain the latest C&C address.

Below is the demo of the hack

No comments: