Facebook SDK flaw exposes smartphone users’ accounts at risk
- last edited
By paganinip on July 5th, 2014
Experts from MetaIntell have discovered a critical vulnerability in the latest version of Facebook SDK which exposes millions of Facebook accounts at risk.
Security experts from MetaIntell have discovered a significant security vulnerability in the latest version of Facebook SDK, which affects numerous iOS and Android apps exposing millions of Facebook user’s Authentication Tokens at risk. The researchers dubbed the vulnerability “Social Login Session Hijacking,”, it could be used by an attacker to access victim’s Facebook account information using access token and session hijacking method.
“MetaIntell, the leader in intelligent led Mobile Risk Management (MRM), announced today that it has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user’s Facebook account using a session hijacking method that leverages the Facebook Access Token (FAT).” reports MetaIntell in the blog post.