Facebook patches critical Messenger Bug that would let hackers spread malware

Facebook has reportedly patched a critical bug that was recently discovered in its Messenger service. The bug that was reported by a security research firm would give hackers access to chats and eventually even allow them to spread malware.

Security research firm Checkpoint found the loophole in Facebook Messenger app and informed the social network about the same. Soon Facebook patched the flaw that would allow hackers to pinpoint an identifier related to each and every message sent via the messaging service.

The hacker could easily alter the content of the message which would lead to plenty of confusion as these would be sent from Facebook’s own servers. Confusion aside, Facebook and the victim would have no clue that their chats are being monitored and modified.

Confusion aside, there are other bigger issues to do with malware. The same firm also stated that the vulnerability could have allowed the attacker to insert malicious links into chats gaining victims for malware and doing even more damage by spreading the malware via images as well.

End-to-end encryption would have been a solution for the same. And last we heard, Facebook will be implementing the same soon. The social network will be putting up a choice for its users in a month or two asking them to choose between privacy or artificial intelligence.

The Guardian reported that Facebook plans to release an encrypted communications mode for its Messenger app. The system is similar to what we have with WhatsApp, and will offer end-to-end encryption. Of course those who opt in for encryption will have to wave good bye to customised services like bots that are expected to make lives easier letting users do everything from buying tickets to buying products from a business using chatbots. The obvious catch here is privacy as the bots would need access to personal data to know your requirements better. Google too faced similar criticism after the announcement of its new messaging app called Allo.


. . . . . . . .

Leave a Reply