A vulnerability has been identified in Facebook Messenger, in both the online and mobile applications. It allows a malicious user to change a conversation thread in the Facebook Online Chat & Messenger App. The vulnerability could be exploited in the following ways:
- Malicious users can manipulate message history as part of fraud campaigns. A malicious actor can change the history of a conversation to claim he had reached a falsified agreement with the victim, or simply change its terms.
- Hackers can tamper with, alter or hide important information in Facebook chat communications, which can have legal repercussions. These chats can be admitted as evidence in legal investigations, and this vulnerability opened the door for an attacker to hide evidence of a crime or even incriminate an innocent person.
- The vulnerability can be used as a malware distribution vehicle. An attacker can change a legitimate link or file into a malicious one, and easily persuade the user to open it. The attacker can use this method later on to update the link to contain the latest C&C address, and keep the phishing scheme up to date.
The vulnerability was disclosed to the Facebook Security team and has been patched.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street