- Advertisement -Newspaper WordPress Theme

Top 5 This Week

spot_img

Related Posts

Revolutionary Breach: Hacker Cracks All Facebook Accounts in One Hour

A Groundbreaking Discovery

In an unprecedented cybersecurity breakthrough, Nepalese security researcher Sumit Aryal has made headlines by finding a vulnerability in Facebook’s password reset system. This flaw allowed a potential attacker to gain access to any Facebook account without any interaction from the account owner. Facebook has recognized Aryal’s discovery by awarding him a record-breaking sum, securing his top spot in Facebook’s Hall of Fame for white hat hackers in 2024. The exact amount of the reward, however, remains undisclosed.

The Vulnerability Exposed

Aryal discovered that Facebook’s password reset function lacked a limit on the number of attempts to request a security code. This oversight opened the door for attackers to employ brute force methods to guess the 6-digit security code without triggering any security measures to lock the account or alert the user.

Technical Insights

During his investigation, Aryal found that while attempting a password reset through Android Studio, users were prompted to receive a security code via a Facebook message. Interestingly, this code remained valid for two hours, even after multiple failed attempts to enter it correctly. This differed significantly from the SMS reset option, where the code would be invalidated after a few incorrect attempts.

By employing a brute force technique, Aryal was able to check all possible code combinations within an hour. He identified a critical vulnerability that allowed the security code to be displayed directly in the message, eliminating the need for the user to click on it.

Implications and Fixes

This discovery has shed light on a significant security oversight within one of the world’s largest social media platforms. Facebook has since taken measures to address this vulnerability, ensuring that a similar breach cannot occur in the future.

Conclusion: A Wake-up Call for Cybersecurity

Aryal’s groundbreaking work serves as a stark reminder of the ever-present vulnerabilities within digital platforms, no matter their size or the extent of their security measures. It highlights the importance of ongoing vigilance and innovation in cybersecurity to protect user data against potential threats. Aryal’s achievement not only earned him a substantial reward but also contributed significantly to making the online world a safer place.

Popular Articles