Story image

Facebook Messenger hack exposed: Expert insights and advice

14 Jun 2016

A recently discovered vulnerability in Facebook Messenger could have had monumental consequences.

Check Point Software Technologies discovered the flaw, which would have allowed an attacker to modify or remove any sent message, photo, file or link. Fortunately, the breach was disclosed immediately to Facebook‘s security team, and the backdoor was patched up in short time.

In a blog post, Check Point head of products vulnerability research Oded Vanunu notes that by exploiting this backdoor, cybercriminals could change a whole chat thread without the victim realising.

“What’s worse, the hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations,” he says. “We applaud Facebook for such a rapid response and putting security first for their users.”

What can you do?

Dan Slattery, senior information security analyst at global cyber-security firm, Webroot, says that while the actual flaw within Facebook’s system has not been yet fully determined, there are a number of actions that individuals can take to protect themselves on the social network.

“With Facebook’s significance continuing to grow, it is becoming more and more important for users to turn on and regularly check their security measures,” Slattery says. “Here are four steps users can take to help protect themselves from hacking threats:

1. Have a unique, strong password that is not used anywhere else

2. Turn on Two Factor Authentication. Facebook calls this ‘Login Approvals’ and can be turned on in SETTINGS > SECURITY > LOGIN APPROVALS.

3. Manage active logged in sessions (Settings > Security > “Where You’re Logged In”) If you see anything you don’t recognise you can end that session, or you can wipe everything but your current session by clicking on “End All Activity” – You would then need to log back in everywhere you use Facebook.

4. Clear out any Apps that you have given permissions to your account that you no longer use. The complete list can be found in Settings > Apps.”

It is clear that in today’s increasingly digital (and increasingly dangerous) world, it is becoming more and more important for individuals and businesses to be proactive and take the initiative when it comes to their cyber security.

Web design programmers do an about face – again!
Google is aggressively pushing speed in the mobile environment as a critical ranking factor, and many eb design teams struggling to reach 80%+ speed scores on Google speed tests with gorgeous – but heavy - WordPress templates and themes.
Digital spending to hit US$1.2 trillion by 2022
A recent study by Zinnov shows that IoT spend reached US$201 billion in 2018 while outsourcing service providers generated $40 billion in revenue.
'Iwi Algorithm' can grow Aotearoa's mana
Ngāti Whātua Ōrākei innovation officer Te Aroha Grace says AI can help to combine the values from different cultures to help grow Aotearoa’s mana and brand – and AI is not just for commercial gain.
Dropbox brings in-country document hosting to A/NZ & Japan
Dropbox Business users in New Zealand, Australia, and Japan will be able to store their Dropbox files in-country, beginning in the second half of 2019.
Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”
Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.
Instagram: The next big thing in online shopping?
This week Instagram announced a new feature called checkout, which allows users to buy products they find on Instagram.
Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.