Researcher Reports Backdoor on Facebook Server
Posted by: Timothy Weaver on 04/23/2016 09:52 AM
[
Comments
]
Security researcher Orange Tsai of Taiwanese security vendor Devco recently found that someone, probably a blackhat hacker with malicious intent, has breached into its server and installed a backdoor that was stealing Facebook employee's login credentials.
Tsai analyzed a vulnerable version of the Secure File Transfer application (FTA) made by Accellion and was used by Facebook employees for file sharing and collaboration.
He found seven vulnerable FTA flaws:
• 3 Cross-site scripting (XSS) flaws,
• 2 Remote code execution flaws,
• 2 Local privilege escalation issues.
He used those flaws to gain access to Facebooks server. While preparing his bug report, he spotted a PHP-based backdoor, popularly known as a PHP Web shell, that had possibly been installed on the server by a malicious hacker.
Tsai then reported all of his findings and was rewarded with a bug bounty of $10,000.
Source: The Hacker News
Tsai analyzed a vulnerable version of the Secure File Transfer application (FTA) made by Accellion and was used by Facebook employees for file sharing and collaboration.
He found seven vulnerable FTA flaws:
• 3 Cross-site scripting (XSS) flaws,
• 2 Remote code execution flaws,
• 2 Local privilege escalation issues.
He used those flaws to gain access to Facebooks server. While preparing his bug report, he spotted a PHP-based backdoor, popularly known as a PHP Web shell, that had possibly been installed on the server by a malicious hacker.
Tsai then reported all of his findings and was rewarded with a bug bounty of $10,000.
Source: The Hacker News
Comments
