According to a SlashGear, Facebook’s Messenger app was found wanting in the security and privacy department when a researcher found a loop hole that allowed attackers to listen in on calls using a rather simple hacking method.
Technical details of the Facebook calling bughttps://t.co/wwL9gedW8c
— Natalie Silvanovich (@natashenka) November 19, 2020
The researcher in question is Natalie Silvanovich who posted on Twitter recently about the bug that she discovered earlier in the year; all she needed was simply send a sting of code as a text to the victim, which would force the receiving device to automatically accept the incoming call – from there, the attacker will be able to hear anything the victim is saying.
Facebook generously awarded a bounty of $60,000 for this bug, which I’m donating to the @GiveWell Maximum Impact Fund https://t.co/JvZt9Fw4nx
— Natalie Silvanovich (@natashenka) November 19, 2020
For that to happen, it appears that the attacker at least needs to have your profile information – so don’t go handing out your social media details to strangers. The good news is that the latest version of Messenger has fixed the bug and is now safe from this particular exploit. If you’ve been holding out on updating your app, you should probably do it, or at least delete it if you don’t intend on using it.
2 comments