Bad news for social media addicts – it turns out that it’s super simple for hackers to wheedle their way into your Facebook account and learn all your secrets.
Anand Prakash, a security researcher from Bangalore, India, recently unearthed something called the ‘Password Reset Vulnerability,’ which Hacker News described as: “A simple yet critical vulnerability that could have given an attacker endless opportunities to brute force a six-digit code and reset any account’s password.”
Basically, you know that six-digit code Facebook sends you when you want to change your account’s password? Well, normally after too many wrong tries Facebook blocks you. That is, unless you used the social networking giant’s beta sites, where there was no limit.
This brute force method (so called because it’s about as subtle as throwing a brick through a shop window) allowed Prakash to attack any Facebook account: once the code was guessed, he could simply set a new password and take complete control of the account.
Here’s exactly how he did it:
Unfortunately for any would-be hackers, Prakash was a good Samaritan and told the social media giant about the vulnerability, and they fixed it.
He was then presented with a $15,000 (£10,500) award for his efforts by the grateful company, which, considering he had just shown them a colossal hole in their security network, seems like a relatively small amount.
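The flaw described above, an attempt limit that the main site enforced and the beta sites did not, shown as an added example (not Facebook's code and not part of the original article): when the failure counter lives with the reset code itself, it applies whichever host a guess arrives on. The hostnames, the limit of 5 and every class and function name here are assumptions.

```python
import hmac
import secrets

MAX_ATTEMPTS = 5  # assumed policy value, not Facebook's real limit


class ResetCodes:
    """Six-digit reset codes with a failure counter stored beside each code."""

    def __init__(self, limit_on_hosts=None):
        # None: every front end enforces the limit (hardened).
        # A set of hostnames: only those hosts enforce it (the flawed setup).
        self.limit_on_hosts = limit_on_hosts
        self.pending = {}  # account -> [code, failed_attempts]

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[account] = [code, 0]
        return code

    def verify(self, account, submitted, host):
        entry = self.pending.get(account)
        if entry is None:
            return "no_active_code"
        if hmac.compare_digest(entry[0], submitted):
            del self.pending[account]  # a code is single use
            return "ok"
        enforced = self.limit_on_hosts is None or host in self.limit_on_hosts
        if enforced:
            entry[1] += 1
            if entry[1] >= MAX_ATTEMPTS:
                del self.pending[account]  # code is dead, user must request a new one
                return "locked"
        return "wrong"


def wrong_guesses_accepted(store, account, host, tries=20):
    """Count wrong submissions processed before the code stops being checkable."""
    code = store.issue(account)
    wrong = f"{(int(code) + 1) % 10**6:06d}"  # constructed value, never equals code
    accepted = 0
    for _ in range(tries):
        if store.verify(account, wrong, host) == "no_active_code":
            break
        accepted += 1
    return accepted
```

With the limit enforced only on the main host, submissions through the other host are never counted; with the counter applied everywhere, the code is invalidated after five failures on any host.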
More of a concept than a journalist, Tom Percival was forged in the bowels of Salford University from which he emerged grasping a Masters in journalism.