A team of researchers has recently revealed a vulnerability in Facebook’s Messenger app that let attackers tamper with a user’s chat content and inject malicious links into messages.
Researchers from the security firm Check Point found that the flaw in Facebook’s Messenger app, which is available on both mobile and desktop, allowed third parties to replace genuine links in a user’s chat with malicious ones.
The researchers who uncovered the bug reported it to the Facebook team earlier this month, and the social media company says it patched the problem soon after. The company rolled out a new update of Messenger to address the threat. Meanwhile, Facebook officials said the bug did not pose any major risk to users and only briefly affected the Android version of the Messenger app. The Messenger service already has an internet security tool built in to filter out spam content, malware and possibly ransomware, Facebook said.
To execute the attack, a cybercriminal with a sound knowledge of HTML could obtain the ID of a particular message thread, possibly using a debugging tool. Armed with the message ID, they could then send a modified, malicious message to Facebook’s servers while pretending to be a genuine user. The original participants would not be notified, because the message ID makes Facebook believe that it is they who are sending the message.
The root cause of this vulnerability is that Facebook archives all of its users’ chat history on its servers, where it can be retrieved and modified without the user knowing. So, essentially, an attacker exploiting this flaw would be doing something that a Facebook server administrator could easily do anyway.
End-to-end encryption, in which Facebook gives up its control over users’ messages for the sake of data security, would be of great use in this scenario. Users’ messages would then be stored on their own devices rather than on Facebook’s servers, with no possibility of a hacker, or even Facebook, tampering with the content from a remote location. The only condition is that the encryption be properly implemented and authenticated.
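As an added illustration of that last condition (example code, not Check Point’s or Facebook’s): when a message carries an authentication tag computed with a key shared only by the two participants, the recipient’s client can detect a server-side edit of the stored copy, such as a swapped link, even though the message ID is unchanged. The key, field names and sample message below are constructed for the demo.

```python
import hmac
import hashlib
import json
from copy import deepcopy

# Hypothetical shared key known only to the two chat participants.
# In a real end-to-end scheme it would come from a key agreement, not a constant.
CHAT_KEY = b"constructed-demo-key-do-not-reuse"


def _canonical(msg: dict) -> bytes:
    """Serialise the authenticated fields in a fixed order so both ends
    compute the tag over exactly the same bytes."""
    fields = {k: msg[k] for k in ("thread_id", "message_id", "sender", "body")}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def seal_message(msg: dict, key: bytes = CHAT_KEY) -> dict:
    """Sender side: attach an HMAC over thread id, message id, sender and body.
    Binding the ids means a tag cannot be reused on a different message."""
    sealed = dict(msg)
    sealed["tag"] = hmac.new(key, _canonical(msg), hashlib.sha256).hexdigest()
    return sealed


def verify_message(stored: dict, key: bytes = CHAT_KEY) -> bool:
    """Recipient side: recompute the tag over what the server handed back and
    compare in constant time; any edit of the stored body makes this False."""
    expected = hmac.new(key, _canonical(stored), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, stored.get("tag", ""))


def demo() -> tuple:
    """Returns (original verifies, tampered copy verifies)."""
    # Constructed sample chat message containing a legitimate link.
    original = seal_message({
        "thread_id": "t-1001",
        "message_id": "m-42",
        "sender": "alice",
        "body": "Here is the report: https://example.org/report.pdf",
    })
    # Simulate a server-side modification of the stored copy that swaps the
    # link while keeping the message id and everything else unchanged.
    tampered = deepcopy(original)
    tampered["body"] = original["body"].replace("example.org", "example.net")
    return verify_message(original), verify_message(tampered)


if __name__ == "__main__":
    print(demo())
```

The block covers only the authentication half of the property the article asks for; a real end-to-end design also encrypts the body and derives the key from a key agreement between the two devices.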
From a user’s point of view, opting for a strong anti-malware or anti-spam product can help prevent them from falling prey to malicious attacks, including phishing emails and ransomware threats. Anti-spam software identifies spam content and blocks it from entering a system. Modern anti-spam products are equipped with a broad spectrum of filters, scanners and other types of security applications. Anti-malware, while not much different from anti-spam products, gets automatic updates with the latest virus descriptions and protects computers against new threats.