In an
embarrassing breach of security, Facebook
founder Mark Zuckerberg had his profile hacked
into by an IT worker in Palestine.
The hacker managed to write and share links on
Zuckerberg’s private timeline, even though they
were not Facebook friends.
Khalil Shreateh, an IT security researcher, had
contacted the social network giant twice trying to
report the glitch in Facebook’s security system,
but had been told that there was no problem.
Frustrated, he decided to hack into Zuckerberg’s
profile to prove his point.
In the post which has since been removed, he
apologised for breaking Zuckerberg’s privacy,
adding: “I had no other choice… after all the
reports I sent to Facebook teamâ€.
In less than a minute, Shreateh’s account was
suspended and he was contacted by a Facebook
security engineer requesting the details of the
hack.
Facebook pays a minimum $500 reward for any
security flaws that a hacker finds. However, the
company has refused to pay Shreateh for
discovering the vulnerability because his actions
violated Facebook’s Terms of Service.
Matt Jones from Facebook’s security team
confirmed that the bug has now been fixed,
admitting that the company should have asked
more details after Shreateh’s initial report.
“We get hundreds of reports every day. Many of
our best reports come from people whose English
isn’t great – though this can be challenging, it’s
something we work with just fine and we have
paid out over $1 million to hundreds of reporters,â€
he said.
“However, many of the reports we get are
nonsense or misguided. We should have pushed
back asking for more details here.â€
Shreateh has made a video explaining his
misadventure and shared it online, where it has
already been viewed over 140,000 times.
founder Mark Zuckerberg had his profile hacked
into by an IT worker in Palestine.
The hacker managed to write and share links on
Zuckerberg’s private timeline, even though they
were not Facebook friends.
Khalil Shreateh, an IT security researcher, had
contacted the social network giant twice trying to
report the glitch in Facebook’s security system,
but had been told that there was no problem.
Frustrated, he decided to hack into Zuckerberg’s
profile to prove his point.
In the post which has since been removed, he
apologised for breaking Zuckerberg’s privacy,
adding: “I had no other choice… after all the
reports I sent to Facebook teamâ€.
In less than a minute, Shreateh’s account was
suspended and he was contacted by a Facebook
security engineer requesting the details of the
hack.
Facebook pays a minimum $500 reward for any
security flaws that a hacker finds. However, the
company has refused to pay Shreateh for
discovering the vulnerability because his actions
violated Facebook’s Terms of Service.
Matt Jones from Facebook’s security team
confirmed that the bug has now been fixed,
admitting that the company should have asked
more details after Shreateh’s initial report.
“We get hundreds of reports every day. Many of
our best reports come from people whose English
isn’t great – though this can be challenging, it’s
something we work with just fine and we have
paid out over $1 million to hundreds of reporters,â€
he said.
“However, many of the reports we get are
nonsense or misguided. We should have pushed
back asking for more details here.â€
Shreateh has made a video explaining his
misadventure and shared it online, where it has
already been viewed over 140,000 times.
No comments:
Post a Comment