Facebook’s Now Patched Vulnerability in Messenger Let Hackers Manipulate Chats

According to Check Point, vulnerability existed within Instant Messenger application of Facebook which let cyber-criminals gain certain man-in-the-middle stature for altering any string of inter-communication conducted secretly.

The company has revealed the vulnerability's details following its reporting about the loophole to Facebook during June 2016. Facebook has since issued a security patch for the flaw.

Explaining further, Check Point stated the vulnerability let criminals gain control over a chat session followed with erasing, editing or substituting files, web-links or texts in whatever manner they wanted thus making victims prone towards imitation and ID-theft.

Although the above behavior mayn't appear very alarming just by looking at it in comparison with hacking an A/C for seizing payment card information, an attacker can insert web-links inside the chat session redirecting users onto one malevolent site. This could be added with malware-tainted photos/videos also.

However, increasingly bigger dangers may occur. Check Point notes those criminals could embezzle with the message history of the victim through some fraudulent campaign for depicting that he decided for an untrue agreement. Hackers could as well modify important messages within chats on Facebook which was capable of leading to legal problems while the victim could be made to appear guilty despite being innocent. Digitaltrends.com posted this, June 7, 2016.

Cyber-criminals could hide/alter/tamper vital information during Facebook chat sessions that could cause legal consequences. Chats could get regarded as clues within lawful procedures and the Facebook flaw provided an opportunity for hackers to conceal an offence's evidence alternatively make a gullible person look guilty.

Besides, a message persisting within chat history of the user could get updated in future or closed followed with the attacker subsequently reopening it on some new address.

Check Point's Products Vulnerability Research chief Oded Vanunu says cyber-criminals abusing this flaw can modify an entire conversation while the victim remains unaware. Things become worse with the hacker deploying methodologies of automation for continuously defeating security measures to facilitate chat modifications over the long run.

Additionally, with blocking of the initial chat, no new content whether web-links or malware can be included. Facebook states every message is still passed via its anti-spam/anti-malware filters.

» SPAMfighter News - 6/13/2016