Home > News > Massive Security Breach Found on Facebook and MySpace • Bookmark   • Newsletters   • Register Search Options

NEWS STORY

Massive Security Breach Found on Facebook and MySpace

Massive Security Breach Found on Facebook and MySpace
Get XBIZ News
Nov 5, 2009 8:00 AM PST    Text size: 
CYBERSPACE — A developer has discovered a massive flaw in the security of both Facebook and MySpace that leaves users on both social networking sites vulnerable to massive identity theft and fraud.

The developer, Yvo Schaap, discovered the vulnerability, which works by taking advantage of how the two sites remember users' login information and use that information to activate certain Flash apps. Specifically, if a user checks the "remember me" box in the login modules of either site, and then use a Flash app that makes use of their login information, those actions would make their login information vulnerable to a hacker.

That basic problem could give hackers the power to build malicious Flash apps that could harvest users' other personal information, account numbers, photos, messages and everything else posted on either of the two sites.

Schaap emailed administrators at both sites. MySpace resolved the problem first, while Facebook followed close behind. That's the good news.

The bad news is that this vulnerability has been around for months, which means that any number of users may have had their information harvested.

Facebook has launched an investigation into the origin of the bug.

"The security of our users is a top priority for Facebook and we worked with the researcher who identified the issue to fix it," a representative for Facebook said. "We have not received any reports that it was ever exploited."

Tech analyst Jason Kincaid of TechCrunch.com criticized both sites for their lax security standards, but he saved his harshest words for Facebook

"Facebook is no longer just a platform for learning about your college buddies — it’s a serious business, used for photos and messages that can be very sensitive," he said. "I’ve heard of journalists who regularly use Facebook to reach out to potential sources, when secrecy is of the utmost importance. Apparently that’s not a good idea."

Tech-savvy developers may want to read Schaap's full description of the vulnerability, which apparently takes advantage of an imperfection in the programming of a file called "crossdomain.xml."

More ways to get XBIZ News:  RSS Feeds  |  E-Newsletters  |  Desktop Widget  |  Mobile
Looking for porn star news and behind-the-scene videos? Check out XFANZ.com !

EDUCATIONAL FEATURES

Cam World: A Good Grind Reaps Riches

For years, webcam modeling was taboo and considered by many as a dirty and raunchy activity. However, in today’s economy, webcam jobs are being accepted more and more by everyone across the globe.... More »

Cam World: Beauty on Point — Models Talk Tradecraft

Cam girls are the girls that are always on point — with the perfect make-up and perfect skin, the shiny hair and long nails. Given their expertise, I asked some of the girls from Studio 20 if they... More »

Cam World: Camming and Toys Go Hand in Hand

There is nothing more satisfying than pleasure, especially if it is sexual. The size or the presentation of the stimulus does not matter if the sensations and tension the body receives transform the way... More »
XBIZ NEWSLETTERS
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.






POPULAR PRODUCTS & SERVICES
Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Subscribe to XBIZ World magazine, the industry's leading e-commerce trade publication, delivering in-depth coverage of the online, mobile and ancillary digital markets.

UPCOMING EVENTS

XBIZ.net Paysite Meetup

May 04 - May 04
Prague, Czech Republic

Eurowebtainment 2017

May 17 - May 20
Majorca, Spain

XBIZ Retreat

May 30 - Jun 03
Miami, Florida

XBIZ Miami 2017

May 30 - Jun 02
Miami, Florida
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!