Facebook Inc Messenger’s recent flaw – discovered by online security firm Check Point Software Technologies – enables a malicious user to alter the messages in a chat after they sent. This could enable a person to send you an innocuous link in a chat in one scenario and later change it to a link that takes you to a malware installation package, which can infect your system.
How the flaw worked?
In a Check Point blog, the exploit is explained in detail. The exploit consists of finding a message’s unique “message_id” identifier then altering the message content, and sending it back to Facebook without alerting the recipient of the change. The platform accepts the new content as genuine.
This flaw impacted both mobile app and desktop app versions, and could be launched with relative ease due to the attack requiring little coding knowledge, claim security experts.
Each message in the Messenger has its own unique ID number, and with the help of a simple debug tool, a hacker can store the number and target individual chats. The analysis states that once the attacker has found the message ID, he or she can change the content of the message, and send it to the Facebook Inc servers. Further, the experts say this content is altered without a push message to the users’ PC or mobile device.
Scary for Facebook users
Hackers could change a whole chat thread by exploiting this flaw without the victim realizing. In a statement, Oded Vanunu – Head of Products Vulnerability Research at Check Point – said “By exploiting this vulnerability, cybercriminals could change a whole chat thread without the victim realizing (…) The hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations.”
This flaw is quite scary for a normal Facebook user. It not only opens the probability of getting one’s system infected with malware, but it also has potential legal repercussions as the content of chats on the social media giant is admissible in court.
As per security researchers, this flaw in the Messenger could give hackers the ability to modify chats or remove files, links, pictures, and even conduct malware campaigns. The outcomes could have a severe impact on the users. The researchers claimed that the hackers can alter message histories as part of fraud schemes or could tamper with chats to disrupt legal investigations. The hackers could even use the exploit as a malware distribution vehicle.
A big danger averted
Earlier this month the vulnerability was discovered, as per Check Point. Facebook Inc was notified about the vulnerability, and it was quickly fixed. The bug only affected the Messenger app on Android, explained the social networking site in a blog post this Tuesday. Also, the social media giant claims that due to its anti-spam and anti-virus filters, the flaw could not be used to infect the system of the user with malware.
“Because even new content was subject to our anti-malware and anti-spam filters, this bug did not introduce the ability to send malicious content that would have been blocked in the original message,” the blog post read.
At 10.34 am EDT today, Facebook shares were down 0.85% at $117.79. Year to date, the stock is up almost 11% while in the last one-year, it is up over 43%. The stock has a 52-week high of $135.60 and a 52-week low of $72.
Trusted & Regulated Stock & CFD Brokers
What we like
- 0% Fees on Stocks
- 5000+ Stocks, ETFs and other Markets
- Accepts Paypal Deposits
Min Deposit
$200
Charge per Trade
Zero Commission on real stocks
64 traders signed up today
Visit Now67% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you can afford to take the high risk of losing your money.
Available Assets
- Total Number of Stocks & Shares5000+
- US Stocks
- German Stocks
- UK Stocks
- European
- ETF Stocks
- IPO
- Funds
- Bonds
- Options
- Futures
- CFDs
- Crypto
Charge per Trade
- FTSE 100 Zero Commission
- NASDAQ Zero Commission
- DAX Zero Commission
- Facebook Zero Commission
- Alphabet Zero Commission
- Tesla Zero Commission
- Apple Zero Commission
- Microsoft Zero Commission
Deposit Method
- Wire Transfer
- Credit Cards
- Bank Account
- Paypall
- Skrill
- Neteller
What we like
- Sign up today and get $5 free
- Fractals Available
- Paypal Available
Min Deposit
$0
Charge per Trade
$1 to $9 PCM
Visit Now
Investing in financial markets carries risk, you have the potential to lose your total investment.
Available Assets
- Total Number of Shares999
- US Stocks
- German Stocks
- UK Stocks
- European Stocks
- EFTs
- IPOs
- Funds
- Bonds
- Options
- Futures
- CFDs
- Crypto
Charge per Trade
- FTSE 100 $1 - $9 per month
- NASDAQ $1 - $9 per month
- DAX $1 - $9 per month
- Facebook $1 - $9 per month
- Alphabet $1 - $9 per month
- Telsa $1 - $9 per month
- Apple $1 - $9 per month
- Microsoft $1 - $9 per month
Deposit Method
- Wire Transfer
- Credit Cards
- Bank Account