A day after Facebook CEO Mark Zuckerberg revealed plans that Facebook was moving towards a more privacy driven company. A cybersecurity company, Imperva, released details about the Facebook Messenger bug that allows potential hackers to learn who you were talking to on the popular chatting application.
The bug was discovered last year, and exposed who you’ve been chatting with. The bug didn’t show the content of the messages exchanged but just knows who you were in touch with. This raises new questions on the privacy risks that facebook poses to users in the digital space.
Ron Masas, a security researcher who discovered the bug said, “It could be sent to high-profile targets to figure out who they’ve had a conversation with.”
The browser that Facebook had been using, iFrames could gather information like access to likes, location history, and interests of Facebook users. Hackers could embed content in ads and web pages, baiting users to click on a malicious link. This redirected users to infected pages where the attacker queries to see the contacts in his Facebook messenger.
Facebook said on Thursday that it took care of the issue, by completely removing iFrames element from the messenger application.
A similar bug in November last year, hackers could see private posts you’ve liked and what your friends have liked.
These reports trickled in just when Mark Zuckerberg promised enhanced privacy on Facebook after multiple data breach scandals, that first started with Cambridge Analytica. Zuckerberg, yesterday told that Facebook will focus on end-to-end encryption and messages that are automatically deleted after a specific duration.