Author: Lowell Heddings / Source: How-To Geek
The bad news for Facebook’s users just won’t end. Today Facebook had to admit that the accounts for 50 million people were somehow accessed by hackers abusing a little-known feature.
The “View As” feature gives you the ability to see what your profile looks like to somebody else—so you can check to see whether your privacy settings are being correctly applied, for example.
Hackers were able to abuse a security hole in this feature to steal access tokens to take over people’s accounts—basically, the login cookies that keep you logged in. This is not unlike the session hijacking attacks that were starting to be prevalent a number of years ago by people sniffing network traffic at hotspots. It’s one of the reasons you’d always want to use a VPN, and why the web has been switching to HTTPS. Except, in this case, the bug was in Facebook’s code so nothing could protect you.
The problem appeared to be in a video uploader for sending messages, which…
The post Did You Get Logged Out of Facebook? It’s Because 50 Million People Got Hacked appeared first on FeedBox.