2017 Bug Was the Cause of 50 Million User Accounts Being Compromised

Although Facebook has acknowledged the breach, it is still causing a stir in the news and in society alike. The flaw was found in Facebook's “View As” feature, which lets users see what their profile looks like to others, and it ultimately gave attackers the ability to steal access tokens. Facebook engineers first noticed the vulnerability on September 16th, when Facebook's servers saw an abnormal spike. Access tokens are alphanumeric codes that act as digital keys; their main purpose is to save a user from having to re-enter a password every time they visit the site.

“This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted ‘View As.’ The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens,” Guy Rosen, VP of Product Management at Facebook, said in a press release.

At this time, Facebook has patched the vulnerability and made the FBI, DHS, Congress, and the Data Protection Commission of Ireland aware of the breach. As a result, ninety million users will now have to log back in to their accounts. This is the second time within the year that Facebook has suffered a significant breach.