Check Point has recently discovered a vulnerability in Facebook Messenger, affecting both the online chat and the mobile application. It was found by Check Point security researcher Roman Zaikin.
The vulnerability allows a malicious user to change conversation history in the Facebook Online Chat and Messenger App.
By abusing this vulnerability, an attacker could modify or remove any sent message, photo, file or link, distribute malware and much more. Following Check Point’s responsible disclosure, Facebook fixed the vulnerability.
There are a few potential attack vectors abusing this vulnerability. These schemes could have a severe impact on users because of Facebook’s central role in everyday activities worldwide. Many users rely on Facebook for personal and business-related communications, which makes such a vulnerability all the more attractive to attackers.
Malicious users could manipulate message history as part of a fraud. A malicious actor could alter the history of a conversation to claim that a fabricated agreement had been reached with the victim, or simply change the agreement’s terms.
The second scenario could affect ongoing law enforcement investigations. Facebook chats are admitted as evidence in courthouses around the globe. An attacker could hide evidence of a crime or even incriminate an innocent person.
The vulnerability could also serve as a malware distribution method. An attacker could swap a legitimate link or file for a malicious one and easily persuade the user to open it. The attacker could later use the same method to update the link so that it points to the latest C&C address, keeping the phishing scheme current.
“Increasing use of social networks for business means any identified vulnerability on social networks enables well-organized malicious actors to exploit them for commercial gain. Beyond deploying reactive security measures to tackle such incidents, there is an urgent need to enable proactive threat prevention measures,” said Bhaskar Bakthavatsalu, managing director, Check Point, India & SAARC.