Sunday 26 January 2020

Hacker finds Facebook security flaw


Mark O'Beirne

A white-hat hacker discovered a security flaw in a Facebook server containing staff details, managing to gain access to usernames and passwords.

A hacker discovered a vulnerability in Facebook’s server, which would allow for a backdoor to be opened and staff usernames and passwords to be extracted.

Orange Tsai is the exploit hunter in question; he discovered the vulnerability back in February and turned the details over to Facebook’s security team. As a result, the issue has since been fixed. Of course, he benefitted as a result of discovering the issue. Apparently, he was rewarded with $10,000 for his efforts.

Facebook security engineer, Reginaldo Silva, revealed that the backdoor was added by another bounty hunting security researcher. Silva said that this was not a malicious attack.

"Neither of them were able to compromise other parts of our infrastructure, so the way we see it, it's a double win: two competent researchers assessed the system, one of them reported what he found to us and got a good bounty, none of them were able to escalate access," they added.

Online Editors

Also in Business