New Bug in Facebook Messenger Leaked Personal Data of Users

This bug in Facebook Messenger allowed websites to gain access to users' data, including who they have been chatting with, say researchers

By March 8th, 2019 AT 11:53 AM
Highlights
  • The bug has now been fixed by Facebook
  • Mark Zuckerberg intends to make Facebook "privacy-focused" like WhatsApp

As Facebook CEO Mark Zuckerberg discussed about making his platform more secure, a bug in Facebook Messenger allowed websites to gain access to users’ data, including who they have been chatting with, say researchers. Now fixed by Facebook, the vulnerability in the web version of Messenger allowed any website to expose who you have been messaging, revealed Ron Masas, a researcher with cybersecurity company Imperva, in a blog post late on Thursday.

The researcher reported the vulnerability to Facebook under their responsible disclosure programme and the social media platform mitigated the issue. In November 2018, Masas and his team discovered a Facebook bug that allowed websites to extract data from users’ profiles via cross-site frame leakage (CSFL) which is known as a side-channel attack performed on an end user’s web browser.

“Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware,” wrote Masas. Facebook Messenger has over 1.3 billion users globally.

Zuckerberg on Thursday said he is working to make Facebook “privacy-focused” like WhatsApp. The “privacy-focused platform” will be built around principles like private interactions, encryption, reducing permanence, safety and interoperability.

Read more on:

Leave a Reply

avatar
Photo and Image Files
 
 
 

Recent Posts

Unlimited Broadband Plans from Hathway, Airtel, Tata Sky and You Broadband Detailed

The broadband industry is brimming with lots of new offers, plans and changes in the run-up to the launch of...

OnePlus Announces OxygenOS 9.0.7 Rollout for OnePlus 5 and OnePlus 5T

The OnePlus 5 and OnePlus 5T have started receiving the OxygenOS 9.0.7 update in India. To recall, both of these...

Reliance Jio Finally Ready for GigaFiber Launch After a Year-Long Wait

The biggest wait in the telecom industry of India has been of Reliance Jio’s fibre-based broadband service, Reliance Jio GigaFiber....