Urgent warning to millions of Facebook users – important setting could be disabled by account raiders

FACEBOOK users became vulnerable to a bug that meant hackers were able to gain access to accounts.

The bug meant Facebook’s two-factor authentication security feature could be disabled, a researcher found.

1

The bug was not fixed until September 2022, as security expert Gtm Mänôz recently revealed in a Medium post.

The vulnerability was hidden in Meta’s account management system, known as Meta Accounts Center.

It allowed hackers to remove two-factor authentication protection for Facebook accounts simply by knowing the phone number associated with the account.

Two-factor authentication is an extra layer of protection, meaning users have to jump through two security hoops instead of one to access their account.

This may include associating a phone number or security question with your account in addition to a password.

The flaw allowed an attacker to type in a victim’s phone number as if it were their own Facebook account number.

The attacker could then brute force the two-factor authentication SMS code and gain access to the victim’s Facebook account.

Victims’ two-factor authentication is then disabled, leaving their accounts protected only by a password.

Hackers could then target these victims with phishing or social engineering attacks to gain access to the password.

Phishing is when hackers send emails pretending to be a company or company representative in an attempt to extract personal information from victims.

Social engineering is when hackers impersonate a friend or family member and tug on hearts to get personal information or money.

Mänôz has no idea how long the bug has been active.

However, Facebook’s parent company Meta fixed the vulnerability in October.

If users suspect that their account has been accessed from an unknown location or that they have become a victim of an online scam, it is always best to change and update the password and security settings.

The best tips and hacks for phones and gadgets

Looking for tips and hacks for your phone? Want to find these secret features in social media apps? We’ve got you covered…

Get the latest news about WhatsApp, Instagram, Facebook and other tech gadgets here.

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at tech@the-sun.co.uk