Security researchers find hacking backdoor to Facebook Messenger App
Private messages that you send through your Facebook Messenger can be read by potential hackers using a hacking backdoor in the app. This backdoor vulnerability was found by the security researchers from Check Point, who will demo it at the Infosecurity Conference to be held today afternoon.
The security hole if unpatched could put 900 million people who use Facebook Messenger, at risk. The vulnerability was found by Check Point security researcher Roman Zaikan. Zaikan said that the backdoor allows a potential hacker to launch a man-in-the-middle (MiTM) attack into Facebook Messenger and spy/read messages without either the sender or the reader knowing it. The hacker could also alter the messages for their own malicious gain.
Check Point’s report on the security flaw warns it “could have a severe impact on users due to Facebook’s vital role in everyday activities worldwide.”
Facebook Messenger conversations are held as legal and binding evidence by courts in the United States, Australia and Europe, therefore such hack could be used to alter judgment in key cases. The Check Point corroborated the above point by saying that malicious hacker could alter a conversation to claim he had reached a falsified agreement with a victim of the attack.
“This vulnerability opened the door for an attacker to hide evidence of a crime or even incriminate an innocent person,” it says.
Another potential risk is that a hacker could pose as a friend to infect someone’s computer with ransomware and other malicious payload and then extort the user for unlocking it.
Check Point Australian general manager Christopher Rodrigues said the cybersecurity firm alerted Facebook as soon as it detected the security hole and Facebook has patched the vulnerability. However, Check Point couldn’t confirm how long the Facebook Messenger carried this vulnerability nor it could find the vulnerability exploited in the wild. Neither did Check Point divulge if the vulnerability affected Facebook Messenger Android App or iOS App or both.
“We cannot confirm how many people have been affected by this,” he said.
Rodrigues added that there would be likely ramifications in the legal world in cases where Messenger communications were involved.
“Has that evidence been tampered with it or not? Does that particular individual, or the people in that case, do they know if they’ve been tampered or not? That is something which obviously they need to investigate
“If they think as an individual or a user they think that doesn’t look right or I don’t remember saying that, then they have to take steps. What this means is it means a lot of grief. For sure there will be something that could affect on the legal trait.
“It’s like having an invisible person in your house and you’re not knowing it. They could unlock the doors so when you’re not here somebody else could come in.”
Facebook has confirmed Check Points findings and accepted that there was indeed a vulnerability in Facebook Messenger. Facebook released a statement in a blog post saying it was the result of a “misconfiguration with the Messenger app on Android”.
Facebook said the “bug” allowed someone to change the content of their message but not somebody else’s message.
Facebook said even if someone altered the content of a message, using the flaw in the Android app, the correct version of the conversation still existed in other platforms and could be used as evidence of the unaltered conversation.
If you are a Facebook Messenger, it is recommended that your update your app with the latest version available on Google Play and Apple iTunes Store.
BRUH
How can I see if some else is viewing my messenger. Person set up my account & repeating statements from my account. Shows I’m active on a friend’s phone when I’m not on FB
When using the computer can someone hack your fn msg show that you are on, and use it when you are not even on your computer?
This has happened again – December 2016.
Messenger and Fb have closed and i am asked to log in again. I am uncertain of the authenticity of the login page. Looks suspicious. Whay can we do if we did indeed open the message lnk that a respectable friend sent? (or rather, not the friend but the hacker!)
I have exactly this happen my x changing messages, making it look like I’ve done this aalso cloned my phone ,hijacked gmails,it’s been horrible year. He also altered text too. I could actually see messages move. He had5 messagners, I also think my fb cloned I could send myself pics,and couldn’t get on all my pics for long time mde friend lives St for me. Now Ken off. I don’t know what to do.
Hey
Chandra someone has been hacking my things and cloneing my Facebook
i ned huck of messenger of facebook of elnie cuevas
My. boyfriend daughter somehow got into my facebook messenger and took pictures of my conversations without logging into my account. How did she do it
This is fact. And corrupt cops will do it for a friend. I know, I’ve had it done to me this week. Girlfriend had a cop so it for her.
Please Help me How to Open My Account Hi Jayr Dizon Dordas
Please teach me how to recover a facebook account
Greate article. Keep posting such kind of info on your blog. Im really impressed by your site.