A British security researcher recently uncovered a
bug allowing
to take over someone else's Facebook account via
text message, a vulnerability that could
have compromised millions of profiles The researcher reported it to Facebook and earned $20,000 reward from the company.
Jack Whitton, an application security engineer who
also works as a security researcher in his spare time, discovered the bug on
may 23. whitton found that he could trick Facebook
into sending him a password reset code for another
user's account, potentially allowing him hijack the account of anyone who had a
profile linked to their
cellphone number. he immediately reported the bug
to Facebook, and it was fixed five days later.
No comments:
Post a Comment