Facebook Messenger is an application with 900 million active users, but there are more users on the main website, which they visit on their computers or laptops. Anyway, this standalone application is not as secure as the developers have thought, because researchers have discovered a bug that could be used to modify or delete text, pictures, links and everything that’s shared in chats.
Not only that this bug could allow hackers to alter conversations in the Android app, as well as on desktop, but it can also be used to spread malware. Researchers at the security company Check Point are the ones who discovered this bug and they’re warning users to be careful not to click on dubious links they see in their conversations, as they could be replaced by hackers who want to convince the recipients to click on them
Facebook is currently working on finding a way to protect users who receive links that would send them to known malware and phishing sites. Threat Exchange is Facebook’s social media platform for developers where the company is sharing shares threat intelligence with security researchers and it already talked about this bug.
Apparently, only parties in the conversations are able exploit the bug, so if you have trusted friends, you don’t have to worry about anything, because the original conversation can be found on older versions of Messenger. “By exploiting this vulnerability, cybercriminals could change a whole chat thread without the victim realizing,” has warned Oded Vanunu, head of products vulnerability research at Check Point, adding that “What’s worse, the hacker could implement automation techniques to continually outsmart security measures for long-term chat alterations. We applaud Facebook for such a rapid response and putting security first for their users.”
The Messenger bug was patched by Facebook’s security team in May, but users are still worried that hackers will find another way to get their hands on their conversations and use them to get rich.