banner

Tool allows account hijacking on sites that use Facebook Login

Written by Cio
Facebook_logo_(square)
  • Cio
  • 2 years ago
A new tool allows hackers to generate URLs that can hijack accounts on sites that use Facebook Login, potentially enabling powerful phishing attacks.

The tool, dubbed Reconnect, was released last week by Egor Homakov, a researcher with security firm Sakurity. It takes advantage of a cross-site request forgery (CSRF) issue in Facebook Login, the service that allows users to log in on third-party sites using their Facebook accounts.

Homakov disclosed the issue publicly on his personal blog in January 2014, after Facebook declined to fix it because doing so would have broken compatibility with a large number of sites that used the service.

Read More

0 0
Article Tags:
·
Article Categories:
Networking Security

Leave a Comment

Your email address will not be published. Required fields are marked *