Facebook vulnerability could have let websites obtain users’ interests

Kyle Chua
Facebook has since patched the bug. The bug itself is not unique to Facebook, but the social network remains a target due to its standing and the data it has available.

MANILA, Philippines – Cybersecurity company Imperva recently revealed details on a Facebook vulnerability that would have allowed malicious websites to obtain users’ personal information.

TechCrunch reported Tuesday, November 13, that Imperva security researcher Ron Masas discovered Facebook search results were not protected from cross-site request forgery (CSRF) attacks.

This vulnerability could have let malicious websites a user may have accessed while logged into Facebook in another tab extract their personal information without their knowledge.

“This allowed information to cross over domains — essentially meaning that if a user visits a particular website, an attacker can open Facebook and can collect information about the user and their friends,” Masas said.

What the attacker does is open Facebook search pages in a new tab and run queries about the pages a user may have liked. It can also return results about the user’s friends and the pages they may have liked.

“The vulnerability exposed the user and their friends’ interests, even if their privacy settings were set so that interests were only visible to the user’s friends,” he added.

The bug is reportedly not unique to Facebook. However, the social media giant is the likely target of these types of attacks given the amount and kind of data available.

Facebook patched the bug days after Imperva privately disclosed the bug in May. It also told TechCrunch that it has not seen any abuse.

“We appreciate this researcher’s report to our bug bounty program,” said Facebook spokesperson Margarita Zolotova in a statement. “As the underlying behavior is not specific to Facebook, we’ve made recommendations to browser makers and relevant web standards groups to encourage them to take steps to prevent this type of issue from occurring in other web applications.”

Facebook may have dodged a bullet with this bug but it seems to have a long way to go to regain users’ trust after recent data exposure incidents. – Rappler.com