Egyptian Hacker Found Loophole In Facebook’s Camera App Allowed Hackers To Hijack Accounts Over WiFi 

26 Dec, 2012

mohamed ramadan
Mohamed Ramadan, an Egypt-based security researcher and trainer with Attack-Secure  discovered a security loophole in facebook Camera iOS app. The older version of the app, pre-1.1.2 and released before December 21, has the problem. When used over WiFi networks, malicious hackers can tap the network and hijack Camera users’ accounts, picking up information like email addresses and passwords in the process.

The problem is the app accepts any SSL certification from any source, even evil SSL certifications and this enables any attacker to perform Man in The Middle Attack against anyone uses Facebook Camera App for IPhone. This means that the application doesn’t warn the user if someone in the same [WiFi network] trying to hijack his Facebook account. Mohamed told TechCurnch.

Facebook confirmed the issue and thanked Mohammed for his discovery it also rewarded him with USD 3,000.

Mohamed who has also found and reported vulnerabilities for Apple, Google, Zynga, GitHub, RedHat, Nokia Siemenas and Etsy.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Leave a Feedback

  • Become Our Fan On Facebook

    ArabCrunch on Facebook

  • Popular Posts



  • Recent Comments
    • John: This is terrible and truly unjust. The ...
    • John: Talk about true censorship! Why don't yo...
    • Waleed awd: شهادتى على اللى حصل معانا انا وعبد الله ...
    • Gaith Saqer: Thank you Ahmed for your analysis I am n...
    • Ahmed: @Gaith Intel acquired SysDSoft early ...