Vulnerability allows malicious users to change conversation history in the FB Online Chat & Messenger App enabling them to manipulate message history as part of frauds
Check Point has disclosed details about a vulnerability found in the Facebook Messenger, both in the online and mobile applications. Following Check Point’s responsible discloser, Facebook fixed the vulnerability promptly.
What is this vulnerability?
The vulnerability allows a malicious user to change conversation history in the Facebook Online Chat & Messenger App. By abusing this vulnerability, it is possible to modify or remove any sent message, photo, file, link, and much more.
The Vulnerability was fully disclosed to the Facebook Security team earlier this month. Facebook immediately responded, and after a joined effort the vulnerability was terminated.
What is the potential damage of this vulnerability?
There are a few potential attack vectors abusing this vulnerability. These schemes could have a severe impact on users due to Facebook’s vital role in everyday activities worldwide. Many users rely on Facebook for personal and business related communications, which makes such vulnerability all the more attractive for attackers.
- Malicious users can manipulate message history as part of frauds. A malicious actor can change the history of a conversation to claim he had reached a falsified agreement with the victim, or simply change its terms.
- The second scenario can affect ongoing law investigations. Facebook chats are admitted as evidence in court houses around the globe. An attacker could hide evidence of a crime and even incriminate an innocent person.
- The vulnerability can be used as a malware distribution method. An attacker can change a legitimate link or file into a malicious one, and easily persuade the user to open it. The attacker can use this method later on to update the link to contain the latest C&C address, and keep the phishing scheme up to date.
Bhaskar Bakthavatsalu, Managing Director, Check Point, India & SAARC commented, “Increasing use of social networks for business means, any identified vulnerability on social networks enables the well-organized malicious actors to exploit them for commercial gain beyond deploying reactive security measures to tackle such incidents there is an urgent need to enable proactive threat prevention measures.”
According to the release, Check Point Security Researcher Roman Zaikin discovered the vulnerability. By abusing this vulnerability, one can control the Facebook chat and adjust the messages according to his needs, including deleting them and replacing text, links, and files.
Oded Vanunu, Head of Products Vulnerability Research at Check Point remarked, “By exploiting this vulnerability, cybercriminals can change the link and adjust their Campaign without the victim awareness. The malicious actors can maintain the links they send or just create some automation that will change the message when the command & control servers are replaced.” He added, “We applaud Facebook for such a proper responses and handling the security issue in a professional manner.”
