Online security company Check Point Software Technologies has discovered a flaw in Facebook’s chat app that allows hackers to log in and change the content of chat messages (individual messages or entire chat streams) without notifying users that changes have been made.
The exploit is accomplished by finding the unique identification number associated with each individual chat message. Once the hacker has this information, it’s a simple matter of editing the content associated with that identifier.
On further investigation into the matter, Facebook concluded that the exploit is only present in the Messenger app offered for Android devices, and has since been fixed, however, at this point, it is well understood that the hacking community is absolutely relentless, and if there’s one exploit, there’s bound to be another.
Unlike many hacks that have come to light in recent months, this one lacked the ability to actually install malware, or do anything to directly take control of a user’s computer or handheld device, but in some ways, its potential uses are far more insidious. Facebook chat logs can be admissible as evidence in a court of law. If these can be altered at will by parties possessing the right skill set and/or tools, it could potentially have devastating consequences.
As mentioned, this particular exploit has already been identified and fixed, but it’s important to understand that as the hackers keep demonstrating, there’s no sphere of our online lives that they cannot touch, influence, and potentially use against us.
If you’re worried about security at your firm, but are not quite sure what to do about it, contact us today and we’ll put you in touch with a member of our team who can assess your current digital security, and help you improve it, in order to give you greater peace of mind and protect your company’s proprietary data.