A security expert has discovered a flaw in the Facebook Messenger audio clip recording feature that could allow a man-in-the-middle attacker to capture audio clip files and listen to a user's personal voice messages.
Whenever a Facebook user records an audio clip to send to a friend, the clip is uploaded to Facebook's CDN server, which then serves the same audio file, over HTTPS, to both the sender and the receiver. Any attacker on the same network segment running a MITM attack with SSL Strip can extract the absolute links, including the secret authentication token embedded in the URL, to all audio files exchanged between the sender and receiver during that process. Because the token is carried in the URL itself, the attacker can rewrite the absolute links from HTTPS to HTTP and download these audio files without any further authentication.
It can be noted that Facebook has not yet patched the vulnerability.
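As an added defensive illustration, not part of the CERT-MU advisory, the following Python scans constructed request-log lines for the downgrade pattern described above: a tokenised media URL fetched over plaintext HTTP, flagged as "downgraded" when the same file and token were already seen over HTTPS. The host names, paths and token parameter names are assumptions, not Facebook's real CDN layout.

```python
# Added detection example; not code from the CERT-MU advisory. Flags the
# pattern described above: a media file whose URL embeds a secret token being
# fetched over plaintext HTTP, as an SSL-stripped request for an audio clip
# would be. Host, paths and parameter names below are constructed assumptions.
from urllib.parse import urlsplit, parse_qs

TOKEN_PARAMS = ("token", "sig", "access_token")  # assumed token parameter names
MEDIA_SUFFIXES = (".mp4", ".m4a", ".mp3", ".aac", ".ogg")

# Constructed sample request log, one "<method> <url>" per line.
SAMPLE_LOG = """\
GET https://cdn.example/v/audio/clip-1.mp4?token=s3cr3t1
GET https://www.example/chat/inbox
GET http://cdn.example/v/audio/clip-1.mp4?token=s3cr3t1
GET http://www.example/public/logo.png
GET http://cdn.example/v/audio/clip-2.m4a?sig=s3cr3t2
"""

def media_token(url):
    """Return (host, path, token) when url is a tokenised media file, else None."""
    p = urlsplit(url)
    if not p.path.lower().endswith(MEDIA_SUFFIXES):
        return None
    qs = parse_qs(p.query)
    for name in TOKEN_PARAMS:
        if name in qs:
            return (p.hostname, p.path, qs[name][0])
    return None

def find_downgraded_fetches(log_text):
    """Return [(kind, url)] for each plaintext-HTTP fetch of a tokenised media file.

    kind is "downgraded" when the same file and token were already seen over
    HTTPS earlier in the log (the SSL-strip signature), otherwise "plaintext".
    """
    seen_https, findings = set(), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _method, url = line.split(maxsplit=1)
        key = media_token(url)
        if key is None:
            continue
        scheme = urlsplit(url).scheme
        if scheme == "https":
            seen_https.add(key)
        elif scheme == "http":
            findings.append(("downgraded" if key in seen_https else "plaintext", url))
    return findings
```

Any "downgraded" hit is worth investigating as a possible SSL Strip session on that segment; the durable fix on the serving side is to refuse tokenised media over plaintext HTTP and to send HSTS so browsers never follow a downgraded link.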
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street