Info@NationalCyberSecurity

Critical Facebook Password 0-Click Account Takeover Hack Revealed


A critical zero-click exploit uncovered by a seasoned bounty hunter, ranked number one in the Facebook Hall of Fame 2024, could have enabled hackers to take over any Facebook account. Samip Aryal, a bug bounty hunter from Nepal, has published details of how he found a vulnerability in Facebook’s password reset system that would allow an attacker to compromise any Facebook account. The zero-click exploit earned Aryal his highest bounty so far, although the precise amount has not been disclosed.

In a blog post on Medium describing the exploit, Aryal describes the zero-click vulnerability as a “rate-limiting issue in a specific endpoint of Facebook’s password reset flow that could’ve allowed the takeover of any Facebook account by brute-forcing a particular type of nonce.” The Wikipedia definition of a cryptographic nonce is “an arbitrary number that can be used just once in a cryptographic communication.”

Aryal explains that he was uninstalling and re-installing different versions of Facebook for Android, critically using “different user-agents to see the server’s responses on each of the login pages,” when a password reset notification to send a login code popped up. This piqued Aryal’s interest enough for him to begin testing for three reasons:

  1. The sent nonce was active for longer than expected
  2. The same nonce code was sent every time for the period
  3. No code invalidation was present after entering the correct code following multiple invalid attempts

All that an attacker needed to know was the Facebook username for the target. After using a brute-force attack methodology, which allowed the entire search space to be covered in about an hour, Aryal discovered that, for some users at least, the nonce code would be displayed right there on the notification itself. This is the very definition of a zero-click exploit. Even in those cases where the code wasn’t displayed this way, Aryal says that it only took a single click to open the notification and have the code displayed on another screen.
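From the defender's side, the three numbered points above map to three server-side controls on a reset code. The following is an added example, not code from Aryal's write-up or from Meta: a minimal reset-code store in which the class and function names, the 6-digit code length, the 10-minute lifetime and the 5-attempt budget are all assumptions.

```python
import hmac
import secrets
import time

CODE_DIGITS = 6         # assumption: code length is not given in the article
CODE_TTL_SECONDS = 600  # assumption: example lifetime
MAX_ATTEMPTS = 5        # assumption: example wrong-guess budget per code


class ResetCodeStore:
    """Hypothetical in-memory issuer/verifier for password reset codes."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._codes = {}  # account -> [code, expires_at, failed_attempts]

    def issue(self, account):
        # Point 2: every request replaces the old code with a fresh random one.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._codes[account] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code

    def verify(self, account, guess):
        entry = self._codes.get(account)
        if entry is None:
            return "no_active_code"
        code, expires_at, _ = entry
        # Point 1: the lifetime is short and enforced at verification time.
        if self._clock() >= expires_at:
            del self._codes[account]
            return "expired"
        if hmac.compare_digest(code.encode(), str(guess).encode()):
            del self._codes[account]  # single use
            return "ok"
        # Point 3: failures are counted per account (not per client or
        # user-agent) and the code is invalidated once the budget is spent.
        entry[2] += 1
        if entry[2] >= MAX_ATTEMPTS:
            del self._codes[account]
            return "locked"
        return "wrong"


def guesses_before_lockout(store, account):
    """Count how many sequential guesses are answered before the code dies."""
    for n in range(10 ** CODE_DIGITS):
        if store.verify(account, f"{n:0{CODE_DIGITS}d}") != "wrong":
            return n + 1
    return 10 ** CODE_DIGITS
```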

As I say, this vulnerability has now been fixed by Meta, so Facebook users need not worry about it anymore. That said, I would always recommend the use of a strong password or passphrase coupled with two-factor authentication. I have reached out to Meta for a statement and will update this article in due course.
