X

BEWARE! Indian researcher discovers QR code bug that allows anyone to hack Facebook accounts

Speed News Desk 14 December 2017, 19:00 IST

BEWARE! Indian researcher discovers QR code bug that allows anyone to hack Facebook accounts

In an unbelievable act it is believed that online social media giant Facebook is prone to hacking. Such cases have come before and now a new case has emerged. You do not need any hacking courses for such hacking. Only by taking advantage of the flaws of Facebook, any one can peep into another's account.

According to India Today, in India, there is a cyber security researcher Kartik Singh who explained the shortcomings found in Facebook in detail. Actually Facebook has given an option to log in, which is called 'Login with your phone'. It appears on the login page. Users can log into Facebook by scanning the QR through its features.

Kartik claimed that this QR can be misused, because this QR code is not linked to user id, which has scanned it and the hacker can send it to someone who generated the URL from this QR code. Your account can be accessed by clicking on this URL.

Facebook's new feature is 'Login with your Phone' option. This feature gives QR code to the user, which users can scan in two ways. It can be scanned through the Facebook app. In the app of Facebook, there is a scan QR code option on the right. The second way is a third-party scanner that you can download from the Play Store or App Store. You can login with the QR code given for the given login and mobile by scanning it.

The researcher used the Facebook app first to scan the QR code so that they easily logged in. After this he scanned it with a third party QR code scanner and found a URL.

He transferred the generated URL from the QR code scanner to the other mobile via WhatsApp, which he had previously logged into the Test Facebook account. Clicking on the URL directed him to Allow and Deny's option to log in with them.

Researcher told that at this point he expected that there would be an error. But it did not happen and he managed to open the test account in his computer which was astonishing for him. For this, he did not even need to enter the password.

He tried this process many times and succeeded every time. In this way he could hack any user's Facebook account. Kartik has also informed Facebook about the bug and the social networking company has fixed it.

REALATED STORIES