Flaw found in Facebook authorization likely to Trigger Malicious Attacks

cyberoam_logoCyberoam announced its Threat Research Labs (CTRL) has found a critical flaw in Facebook’s access token authorization mechanism. CTRL found this vulnerability while investigating an ongoing Facebook spam ‘lady with razor-sharp axe’. Vulnerability researchers at CTRL reveal this security flaw allows attackers to perform a range of malicious activities such as uploading photos and videos, posting comments, pay with Facebook, publish content, and send SMS, read mailbox, tag friends’ photos and more. With this, an attacker is able to perform nearly every task which a Facebook user can do and hence allows various malicious actions.

“Ongoing Facebook spams such as ‘lady with razor-sharp axe’ tend to store stolen Facebook access tokens on their servers for further attacks or exploits.  This attack is not limited only to tagging or uploading of photos. Upon clicking the link, Facebook users are unwittingly handing over complete access to their Facebook account, which remains available to attackers even after an affected user logs out from Facebook account”, says Bhadresh Patel, lead vulnerability researcher at CTRL.

Findings from CTRL identify a security vulnerability that allows cyber attackers to bypass Facebook’s Access Token Authorization mechanism. This entitles cyber attackers to generate unauthorized yet valid access tokens. CTRL has already reported this vulnerability to Facebook and extensive investigation from CTRL would be revealed upon suitable reciprocation or release of security patch from Facebook.

CTRL suggests following safeguard measures against this Facebook spam like as a Facebook user, do not get tempted to visit or click this video / link. Any Facebook user who has already visited this link should immediately change his / her Facebook account password, for this would lead to expiry of old Access Tokens.  Turn-off  “Apps you use” from App Settings in Facebook account so that no app is able to gain access token to Facebook account

In the wake of such growing threat incidents, Cyberoam believes that users of Social Media need to be provided with adequate awareness to promote safe social networking.