On 2016 the methodes of Hacking are developed and secutity too, and Hacking Facebook account is one of the major queries on the Internet today. It's hard to find, but researchers have just proven by taking control of anyFacebook account with only the target's phone number and some hackingskills.
Yes, your Facebook account can be hacked, no matter how strong yourpassword is or how much extra security measures you have taken. No joke!
Even where users have chosen strong passwords and taken extra security measures, their Facebook FB -0.29% accounts are not safe from hackers. Hackers with skills to exploit the SS7 network can hack your Facebook account. All they need is your phone number.
The researchers from Positive Technologies, who recently showed how they could hijack WhatsApp and Telegram accounts, now gave the demonstration of the Facebook hack using similar tricks, Forbes reported.
What is SS7?
Signalling System No. 7 (SS7) is a set of telephony signaling protocols developed in 1975, which is used to set up and tear down most of the world's public switched telephone network (PSTN) telephone calls. It also performs number translation, local number portability, prepaid billing, Short Message Service (SMS), and other mass market services.
What does SS7 normally do?
SS7 is a set of protocols allowing phone networks to exchange the information needed for passing calls and text messages between each other and to ensure correct billing. It also allows users on one network to roam on another, such as when travelling in a foreign country.
SS7 has long been known to be vulnerable, despite the most advanced encryption used by cellular networks. The designing flaws in SS7 have been in circulation since 2014 when the team of researchers at German Security Research Labs alerted the world to it.
Here’s How to Hack Any Facebook Account:
The attacker first needs to click on the "Forgot account?" link on the Facebook.com homepage. Now, when asked for a phone number or email address linked to the target account, the hacker needs to provide the legitimate phone number.
The attacker then diverts the SMS containing a one-time passcode (OTP) to their own computer or phone, and can login to the target’s Facebook account.
You can watch the video demonstration that shows the hack in action.
Besides Facebook, researchers’ work shows that any service, including Gmail and Twitter, that uses SMS to verify its user accounts has left open doors for hackers to target its customers.
Although the network operators are unable to patch the hole sometime soon, there is little the smartphone users can do.
- Do not link your phone number to social media sites, rather rely solely on emails to recover your Facebook or other social media accounts.
- Use two-factor authentication that does not use SMS texts for receiving codes.
- Use communication apps that offer "end-to-end encryption" to encrypt your data before it leaves your smartphone over your phone's standard calling feature.
0 comments:
Post a Comment