Facebook was hacked, data stolen for months

Like many companies in the industry, Facebook has an initiative that offers rewards to those who find vulnerabilities in its services. A vulnerability recently discovered through this program is not only important, but had already been exploited for months. That means that Facebook has been hacked.

A person who goes by the name of Orange Tsai won 10 thousand dollars for his work, which revealed a security problem in Facebook's infrastructure. Fortunately, the security problem does not affect users, only Facebook employees.

While he was going through the infrastructure, Tsai came across an address called files.fb.com. This is a service vulnerable to SQL injection, allowing the execution of malicious code. After gaining access to the server, he found that malicious code was already there, in the form of a script that steals identifying information of all employees who used that server. That data could then be used to access other parts of Facebook.

According to Reginaldo Silva, a security engineer at Facebook, the malicious script was put there by another security specialist. Now that the problem has been solved, there is no danger of such an incident happening again.

