After the attack that affected 50 million users, the hacker has changed his plans
Facebook reported a security incident that affected about 50 million users on Friday, September 28, just a day after a Taiwanese hacker claimed that he was preparing to perform a live stream in which he would remove the account of the Facebook founder, Mark Zuckerberg, off the social network platform.
After Facebook announced the hack, which allegedly compromised the data of about 50 million users, the Taiwanese hacker, Chang Chi-Yuan, cancelled his plans to attack Zuckerberg’s profile.
According to specialists in ethical hacking, Facebook spokespersons do not consider the last Friday incident to be related to the threats of the Taiwanese hacker.
Initially, Chang claimed that he would perform the live streaming of the hack against Zuckerberg’s account at 6:00 p.m. on Sunday, ironically, this live broadcast would be done via Facebook.
Experts in ethical hacking were at the expectation of the event when Chang announced the cancellation of his plan: “I cancelled the agreed transmission, I reported the vulnerability to Facebook and I hope to receive a reward from the social network”.
The vulnerability that Chang claims to have reported may be linked to cyberattack and data breach occurred last week.
Specialists in ethical hacking from the International Institute of Cyber Security consider that this could be one of the most serious events in the history of Facebook.
After the attack was revealed, Facebook shares fell 3%; social network security teams are investigating the event.
Specialists in ethical hacking report that the security flaw that hackers could exploit was related to the “view as” function on the platform, which allows users to view their own accounts as other users would see them.
“This allowed them to steal Facebook access tokens that could then be used to intervene the accounts of affected users”, said vice president of product management, Facebook, Guy Rosen. Access tokens are those that allow people to remain connected on computers without having to re-enter login and password information for each site visit.
Chang could have discovered information about the security flaw in online hacking forums after the cyberattack on Facebook, and tried to get the public’s attention by demonstrating the failures of the social network. However, it is speculated that the security announcement published by Facebook collapsed the hacker’s plans.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.