 |
| Facebook Camera |
If your Facebook Camera app
on your Apple device is older than version 1.1.2, which was released on
December 21st, you have to update it immediately. A security loophole
was spotted in the app, which could put you at risk from having your
personal information stolen.
When you use the older version of Facebook Camera over WiFi networks,
malicious hackers can infiltrate the network and hijack your account,
picking up personal details such as email addresses and passwords.
Mohamed Ramadan, an Egypt-based white-hat hacker (someone who looks
for security loopholes so it would be remedied) who has also found and
reported vulnerable spots in Apple, Google, and Etsy. In an interview
with TechCrunch, Ramadan explains that the bug is located in the Camera
app’s Secure Sockets Layer (SSL) certification, which was too open.
“The problem is the app accepts any SSL certification from any
source, even evil SSL certifications and this enables any attacker to
perform Man in The Middle Attack against anyone uses Facebook Camera App
for iPhone,” Ramadan says. “This means that the application doesn’t
warn the user if someone in the same (WiFi network) trying to hijack his
Facebook account.”
Meanwhile, Facebook has confirmed Ramadan’s discovery and has since been addressed in the 1.1.2 version,
adding that there was no evidence the bug was “exploited in the wild.”
Ramadan also received an unspecified amount of bounty for his
“contribution to Facebook Security.”
Source: Attack-Secure, via TechCrunch
No comments:
Post a Comment