Leave a comment

Your Facebook-linked accounts are NOT safe!

Your Facebook-linked accounts are NOT safe!
Bloomua / Shutterstock.com

You might want to think twice before using that handy "Sign in using Facebook" buttons on popular websites across the Web. That's because a researcher has discovered a bug that lets hackers take over your accounts using the Facebook login feature.

The bug doesn't give hackers access to your actual Facebook account, but it does let them access your account on third-party sites like Mashable, Booking.com, Vimeo and possibly more. The tool that exploits the bug is called RECONNECT and was created by a researcher named Egor Homakov. He released the tool publicly recently after saying he warned Facebook and the company ignored him.

“Go blackhats, don’t be shy!” he wr​ote on Twitter, apparently encouraging malicious hackers (blackhats) to take advantage of the tool. On Monday, however, Homakov told Motherboard that he created the tool because he had some “spare time” and the information “is public anyway.”

RECONNECT works by tricking a Facebook user into clicking on a malicious link then gives the hacker access to the victim's Facebook-connected account.

(The attack only works if the victim is logged into his or her Facebook account when clicking on the link, but that’s common for many people, who leave Facebook logged in at all times)

Next page: How dangerous is this bug?
See the controversial Facebook emoticon that has thousands in an uproar
Previous Happening Now

See the controversial Facebook emoticon that has thousands in an uproar

This sneaky program secretly uses your computer to mine for bitcoins
Next Happening Now

This sneaky program secretly uses your computer to mine for bitcoins

View Comments ()