Modify & Delete Facebook Messages

Sometimes I receive emails from our readers who wanted to know how to hack Facebook account, but just to delete some of their messages they have sent to their friends or colleagues mistakenly or under wrong circumstances like aggression. How to hack a Facebook account? It is probably the biggest "n00b" question you will see on the Internet.

The solution for this query is hard to find — but recently researchers have shown that how you can modify or alter your messages once you have pressed the SEND button in Facebook Messenger. According to the researcher Roman Zaikin from cyber security firm Check Point, a simple HTML tweak can be used to exploit Facebook online chat as well as its Messenger app, potentially allowing anyone to modify or delete any of his/her sent message, photo, file, and link.

Though the bug is simple, it could be exploited by malicious users to send a legitimate link in a Facebook chat or group chat, and later change it to a malicious link that could lead to a malware installation, tricking victims into infecting their systems.

Here’s How the Exploit Works:


The exploit works on the way Facebook assigns identities to chat messages. Each chat message has a unique "message_id" identifier that could be revealed by sending a request towww.facebook.com/ajax/mercury/thread_info.php

Once message_id is identified, an attacker could alter its respective message content and send it back to Facebook servers which accept the new content as legitimate and push it back to the victim’s PC or mobile device.
"What’s worse. The hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations. We applaud Facebook for such a rapid response and putting security first for their users."

Researchers discovered the vulnerability earlier this month and notified Facebook about the flaw.

The social networking giant promptly moved to fix the vulnerability, though Facebook explained that the flaw only affected its Messenger app on Android.

"Based on our investigation, this simple misconfiguration in the Messenger app on Android turned out to be a low-risk issue, and it's already been fixed," Facebook wrote in its blog post published Tuesday.

Additionally, Facebook claims the vulnerability could not be exploited to infect its users' PCs with malicious software, as the company is using anti-spam and anti-virus filters to detect malware and spams.
"By exploiting this vulnerability, cyber criminals could change a whole chat thread without the victim realizing," said Oded Vanunu, Head of Products Vulnerability Research at Check Point.
SHARE

Milan Tomic

Hi. I’m Designer of Blog Magic. I’m CEO/Founder of ThemeXpose. I’m Creative Art Director, Web Designer, UI/UX Designer, Interaction Designer, Industrial Designer, Web Developer, Business Enthusiast, StartUp Enthusiast, Speaker, Writer and Photographer. Inspired to make things looks better.

  • Image
  • Image
  • Image
  • Image
  • Image
    Blogger Comment
    Facebook Comment

0 comments:

Post a Comment