Last week Facebook has addressed a security issue that exposed page admin accounts, the bug was exploited in attacks in the wild against several high-profile pages.
The page admin accounts are anonymous unless the Page owner opts to make the
“The accounts behind those pages are anonymous unless a Page owner opts to make the
Wired confirmed that on message boards like 4chan, people started posting screenshots that
Facebook quickly addressed the issue after it was alerted by a security researcher.
“We quickly fixed an issue where someone could see who edited or published a post on behalf of a Page when looking at its edit history,” Facebook said in a statement. “We are grateful to the security researcher who alerted us to this issue.”
The list of the pages targeted by hackers included the ones belonging to President Donald Trump, the street artist Banksy, Russian president Vladimir Putin, former US secretary of state Hillary Clinton, Canadian prime minister Justin Trudeau, the hacking collective Anonymous, climate activist Greta Thunberg, and the rapper Snoop Dogg, among others.
In February 2018, the security researcher Mohamed Baset discovered a similar vulnerability on Facebook.
Baset explained that the flaw was a “logical error” that he discovered after receiving an invitation to like a Facebook page on which he had liked a post. The researchers analyzed the source code of the email sent by the social network and discovered it included the name of the administrator of the page and other info.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.