Tuesday, November 24, 18:23
Home investigations Failure on Facebook allows full access to your account by third parties ...

Failure on Facebook allows full access to your account by third parties without your knowledge! [SecNews Research]

The SecNews research team found critical vulnerability in Facebook, which can affect everyone, at least once in their lives, had created an account on platform, and let's is now disabled.

SecNews as part of its research to find vulnerabilities and security gaps on the most popular social networking platforms, she recently spotted something that will surely surprise you a lot and further reinforce her concerns about how to secure her your personal life on the Internet.

What really happened?

As part of the research, security experts conducted an experiment whose results were "mind blowing".

Three months ago, a SecNews security researcher created an account GMX email, which he will use to set up a Facebook account to control the registration process offered by the platform.

As you will see in the screenshot, the GMX account was created on 02 September 2019 and the Facebook account was created today, 29 November 2019.

 

The researcher attempted to officially register on the social networking platform by following all the steps required.

Facebook

Once the registration was complete, the researcher was suddenly logged into a user account from India.

Being surprised to have access to another user's account so easily and having done so reset password for security reasons, browsed the profile to see if it was really a reasonable Facebook error.

After investigating the profile, it was an account that had been created by 2015, remained active for a year and a half, and then the account was disabled.

Facebook

The fact that another user - from another end of the earth - managed to activate the account without needing anything more than signing up for the platform proves that, once again, the way Facebook handles them data and our personal information is risky, and even if we think that by shutting down our account we will be safe.

SecNews conducted a thorough search of both the Facebook account and the email address associated with it.

"There is a high likelihood of a user in India having previously had the particular email address with which he had linked his Facebook account. OR email address either stopped using it or was blocked from the email service resulting in Facebook being blocked account." the security researcher pointed out.

The email address was probably offered for reuse. Facebook, although completely different at the time of registration, than the original profile, automatically activated the account without any extra confirmation measure.

It's worth noting that in accordance with Facebook's privacy policy, the platform states that "You will not be able to reactivate your account. " after the end of 30 days. In this case, three years had passed.

Facebook

In the end, how easy is it, information and entire accounts that you may have deleted in the past to be in the wrong hands while you feel safe?

How many more Facebook bugs do we need to understand that "that goes up is never lost"?

SecNews signs the validity of this event.

For reasons GDPR and to safeguard personal data, sensitive information in screenshots is hidden.

You can contact our site for further questions on this subject.

This has also been shared on Facebook and we are awaiting a formal response from the popular platform regarding the event.

2 COMMENTS

  1. I have told them since the day they merged with iguru but they never answered….

    I also have the impression that this reply to Peter's comment will appear as a new comment that will not appear to be linked to the other text even though I pressed the κου reply button.
    (as this has happened in many other cases after the merger….)

LEAVE ANSWER

Please enter your comment!
Please enter your name here

LIVE NEWS

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...

Data breach at Bristol City Council

A data breach that took place in the Bristol City Council, resulted in the leak of information such as names and email addresses ...

E-Land-South Korea: Fell ransomware attack

One of the largest retailers in South Korea, E-Land, was forced to close almost half of its stores after a ransomware ...

Investigator breaks down a Tesla Model X in just minutes

A Belgian security researcher has discovered a method that hijacks the firmware of key fobs of the Tesla Model X, allowing him to ...

Arrest of fraudsters for a scam associated with the sale of an airplane!

U.S. police have arrested a man in connection with a multimillion-dollar scam involving the sale of an airplane to Australia. In 2018, research began after ...