• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 15th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News
Social Network News

Security Experts Discover Malware in Facebook’s Staff Server

April 23rd, 2016 Ali Raza Security, Malware, Social Network News 0 comments
Security Experts Discover Malware in Facebook’s Staff Server
Share on FacebookShare on Twitter
This bug bounty hunter hacked Facebook but soon realize there’s something fishy going on

A hacker taking advantage of Facebook’s bug bounty program hacked into a Facebook employee through a web app was and saw someone else had already placed a malware in the system. The hacker who works for Taiwan-based outfit Devcore, Orange Tsai recently got paid $10,000 by Facebook after noticing a bug in one of the social media’s systems. Orange Tsai was successful in getting the vulnerable system back in February.

Orange Tsai, the security expert who belongs to the DevCore firm, has detected a malicious webshell on the Facebook staff server while he was analysing the security infrastructure of the social network. While doing so, he came across a domain named files . fb. com, which piqued his curiosity. To satiate it he tried to gain access to the domain and discovered that it was home to Accellion File Transfer Appliance, which is used by many companies. This malware was stealing the user details of the employees of the tech giant.

[q]This shows Facebook’s security is a myth[/q]

Enkindled by this chance discovery, he decided to dig deep and explore further flaws in the security build-up of the software. And what he found was quite astounding – it included a catch of 7 zero-day flaws, including cross-site scripting, remote code execution, and local privilege escalation vulnerabilities. He also got to know that the company had recently fixed an already known flaw in the system.

facebook-hacked-security-experts-discover-malware-in-facebooks-staff-server

In a write-up that he published recently on the Devcore blog, he describes his discoveries – “FTA is a product which enables secure file transfer, online file sharing and syncing, as well as integration with Single Sign-on mechanisms including AD, LDAP, and Kerberos. The Enterprise version even supports SSL VPN service. Upon seeing this, the first thing I did was searching for publicized exploits on the internet.”

As the discoveries began to spiral, the expert realised that the hackers used a code that had managed to extract at least 300 employees’ credentials between the 1st of February and the 7th. On going through the logs, he saw that major infiltrations by the hackers had been made twice – once in July 2015 and later in September 2015. However, there are no proofs to suggest that these were carried out by the same hacker. Also, it wasn’t possible to know how this malicious web shell referred to as Accellion File Transfer Appliance was deployed.

facebook-hacked-Security Experts Discover Malware in Facebook’s Staff Server

[must url=”https://www.hackread.com/facebook-fake-profile-alert-tool/”]Facebook to Help Users Detect if Someone is Impersonating their Profiles[/must]

[fullsquaread][/fullsquaread]

[must url=”https://www.hackread.com/location-data-of-anonymous-users-social-media-apps/”]Location Data on Social Media Apps can Disclose Identity of Anonymous Users[/must]

Facebook’s security engineer, Reginaldo Silva said that the malware was installed by another security researcher, who like Tsai, had browsed through the security system in search of some bug bounty. Expressing his immense mirth at Orange discovering the vulnerability, he said – “In this case, the software we were using is the third party. As we don’t have full control of it, we ran it isolated from the systems that host the data people share on Facebook.”

In recognition of his work, Tsai was rewarded with $10,000 by the tech-giant.

This is not the first time when a bug bounty hunter hacked into the system owned by Facebook. In December 2015, a researcher hacked Instagram and managed to crack his way through Instagram defences and almost get complete control over the service. Soon after the researcher disclosed the vulnerability to Facebook, the company threatened to sue, instead of paying the reward he was due for his work. 

  • Tags
  • Bug Bounty
  • Facebook
  • hacking
  • Infosec
  • Malware
  • Privacy
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Anonymous Shutdown Denver Police Website Against Fatal Shooting
Next article Bank implements poor security measures, loses $81 million
Ali Raza

Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. His work has been featured in many major crypto and tech websites including Hacked, Hackread, ValueWalk, Cryptoslate, CCN, and Globlecoinreport to name a few. Raza is the co-founder of 5Gist.com, too, a site dedicated to educating people on 5G technology.

Related Posts
Unpatched MS Exchange servers hit by cryptojacking malware

Unpatched MS Exchange servers hit by cryptojacking malware

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

FBI accessing computers across US to remove malicious web shells

FBI accessing computers across US to remove malicious web shells

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Unpatched MS Exchange servers hit by cryptojacking malware
Security

Unpatched MS Exchange servers hit by cryptojacking malware

Indian supply-chain giant Bizongo exposed 643GB of sensitive data
Leaks

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

FBI accessing computers across US to remove malicious web shells
Security

FBI accessing computers across US to remove malicious web shells

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us