Home > slashdot > Facebook Bug Lets Hackers Delete Friends

Facebook Bug Lets Hackers Delete Friends

May 24th, 2010 05:33 admin Leave a comment Go to comments

swandives writes “There’s lot of talk about Facebook and privacy at the moment, but a bug in Facebook’s website lets hackers delete Facebook friends without permission. Steven Abbagnaro, a student from Marist College in Poughkeepsie, New York reported the flaw, writing proof-of-concept code that scrapes publicly available data from users’ Facebook pages and deletes all of their friends, one by one. The victim first has to click on a malicious link while logged into Facebook. Abbagnaro’s code exploits the same underlying flaw that was first reported by Alert Logic security analyst, M.J. Keith, who discovered a cross-site request forgery bug, where the website doesn’t properly check code sent by users’ browsers to ensure that they were authorized to make changes on the site.”

Source: Facebook Bug Lets Hackers Delete Friends

Related Articles:

  1. Facebook “Trusted Contacts” Lets You Pester Friends To Recover Account Access
  2. Ticketmaster Lets You Sit With Facebook Friends
  3. New Facebook Phone App Lets You Stalk Your Friends
  4. Senate Lets Teachers, Students Be Facebook Friends
  5. Facebook ‘Safety Check’ Lets Friends Know You’re OK After a Major Disaster
blog comments powered by Disqus