Short Bytes: Security firm Cynet has discovered a critical issue that affects the privacy of 1-billion Facebook Messenger users. Dubbed Originull, this flaw is also expected to affect millions of other websites using origin null restriction checks. Facebook has fixed this issue after it was reported by the firm.
Facebook, with the help of its Messenger and WhatsApp instant messaging application, has managed to replace the conventional text messages. Now, more than 1 billion active monthly users trust Facebook Messenger with their conversations. In the recent times, the social network has worked hard to add new features and develop it as a platform.
Earlier this week, Cynet reported a critical vulnerability that was spotted on Facebook. This hack, dubbed “Originull,” potentially affects millions of website that use origin null restriction checks and exposes the website visitors to malicious elements.
The vulnerability being talked about is a cross-origin bypass attack that lets an attacker use some external website and read a Facebook user’s private messages. This flaw affects Facebook’s mobile app as well as the website.
Usually, your browser protects you from such hacks by only allowing Facebook pages to fetch the information. However, due to this bug, Facebook opens a bridge that allows the subsites of the social network to access the information.
A security researcher of Cynet, Ysrael Gurt, discovered a flaw in the way Facebook manages the identity of these subsites. To exploit the flaw, a hacker needs to fool a Messenger user into visiting a malicious website.
The two-line technical summary of the hack states:
This meant that if we could cause the browser to send “null” in the “origin” header, we would get a “null” value in the “Access-Control-Allow-Origin.
Fossbytes readers, who are interested in reading the complete technical details of the hack, can download the complete ‘Originull’ privacy hack report here. Cynet has reported the issue to Facebook and they have patched this loophole.
Gurl has also created a proof-of-concept video to demonstrate the Originull privacy hack: