Facebook ‘knows who hacked 30million users’ – and it WASN’T a rogue state
The social network appears to have cracked the investigation into who was behind a major cyber-attack earlier this year
FACEBOOK has solved the mystery of who was behind this year’s major hack attack, a new report claims.
The company has been silent about who conducted the cyber-attack since publicly revealing the breach in late September.
Facebook initially admitted that it had given hackers complete access to 50million accounts – but later trimmed the figure to 30million.
These hackers were able to “use the account as if they were the account holder”, according to one top official.
But Facebook has been closely guarding the identity of the attackers during its investigation.
Now the Wall Street Journal reports that it was “spammers” who logged into tens of millions of accounts illegally.
The report notes that the “preliminary findings” suggest that the hackers weren’t associated with any nation state.
This quells fears that powerful cyber-giants like Russia, China or North Korea may have been involved in the attack.
Instead, the WSJ writes that the attackers were “spammers looking to make money through deceptive advertising”.
The report is based on several sources “familiar with the company’s internal investigation”, who weren’t named.
Facebook hack timeline – when did it all happen?
Here's what you need to know...
- The vulnerability in Facebook’s code was the result of three separate bugs
- These were created in July 2017, when Facebook created a new video upload functionality
- On September 16, 2018, Facebook discovered unusual activity, which manifested itself as a “spike in users”, according to officials
- Facebook then launched an investigation
- On Tuesday, September 25, Facebook uncovered the attack and found the vulnerability
- On Wednesday, September 26, Facebook notified law enforcement
- On Thursday evening – September 27 – Facebook said it fixed the vulnerability
- On Friday evening – September 28 – Facebook disclosed the vulnerability to the public
Facebook declined to comment specifically on these claims when asked by The Sun.
However, a spokesperson directed us to an earlier statement from Facebook’s Guy Rosen, who said: “We are cooperating with the FBI on this matter.
“The FBI is actively investigating and have asked us not to discuss who may be behind this attack.”
According to the WSJ, internal researchers believe the attackers are a group of “Facebook and Instagram spammers”.
These so-called spammers reportedly present themselves as a digital marketing company who make money with dodgy ads.
The breach – described as a security “disaster” by experts – was possible thanks to several bugs in Facebook’s systems, which were exploited by hackers.
It meant that attackers were able to log in as absolutely anyone – and access their profiles, photos, friend lists, and even private messages.
Facebook logged 90million users out as a safety precaution, but the bugs had been live in the website’s code since June 2017.
Facebook hack – how did this breach happen?
Here's how it worked...
- Facebook’s systems were compromised through the ‘View As’ feature
- ‘View As’ lets you see your profile as another specific user would see it
- The three bugs related specifically to a re-design of the video uploader tool
- When using ‘View As’, the video uploader tool shouldn’t have shown up at all
- But on specific posts encouraging people to post happy birthday greetings, it did show up
- The second bug was that the video uploader incorrectly used Facebook’s single sign-on functionality, and generated an access token for the mobile app
- The third bug was that when the video uploader showed up, the access token was generated not for you as the user, but for the user you were looking up
- This was discovered by attackers, who were able to use this system to look up other users and get further tokens
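The three bugs above come down to a token being issued for the identity a page is rendered as, rather than the identity that logged in. The sketch below is an added illustration, not Facebook's code: `RenderContext`, `mint_token`, the `audit` check and the audience strings are hypothetical names, and the token is an unsigned stand-in.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class RenderContext:
    session_user: str               # who actually authenticated
    view_as: Optional[str] = None   # set only while previewing as another user

    @property
    def effective_user(self) -> str:
        # Identity the page is rendered for (the 'View As' target, if any).
        return self.view_as or self.session_user


def mint_token(subject: str, audience: str) -> dict:
    # Stand-in for a signed access token; only the claims matter here.
    return {"sub": subject, "aud": audience}


def uploader_token_buggy(ctx: RenderContext) -> dict:
    # Models the flaw chain: the uploader renders in View As mode, requests
    # a mobile-app token, and takes the subject from the rendered identity.
    return mint_token(ctx.effective_user, "mobile_app")


def uploader_token_fixed(ctx: RenderContext) -> Optional[dict]:
    # A read-only preview has no uploader, so it never issues a token.
    if ctx.view_as is not None:
        return None
    # Subject always comes from the authenticated session, and the token
    # is scoped to the component that asked for it (assumed audience name).
    return mint_token(ctx.session_user, "video_uploader")


def audit(ctx: RenderContext, token: Optional[dict]) -> bool:
    # Invariant to enforce and alert on: any token issued during a
    # request must name the user who owns the session.
    return token is None or token["sub"] == ctx.session_user


if __name__ == "__main__":
    preview = RenderContext(session_user="alice", view_as="bob")  # constructed
    for issue in (uploader_token_buggy, uploader_token_fixed):
        tok = issue(preview)
        print(issue.__name__, tok, "ok" if audit(preview, tok) else "VIOLATION")
```

The same invariant works as a server-side log check: a token whose subject differs from the session that requested it should never be issued.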
The Sun recently revealed how Facebook faces a maximum fine of just £1.25billion, which is less than 3% of CEO Mark Zuckerberg’s fortune.
And we also told how Facebook could be forced to pay affected Brits £6,000 because of the attack.