Dangerous vulnerability detected in the app Facebook camera for iOS

Posted: December 27, 2012 in IT Security News
Tags: , , ,

FacebookEgyptian expert in the field of information security, Mohamed Ramadan discovered a vulnerability in Facebook Camera app for iOS.

Application accepts any SSL certificate, creating a base for an attack of the ‘man in the middle.’

Versions prior to 1.1.2 (previously released 21/12/2012) provide unauthorized access to some data on your phone when connected via Wi-Fi.
In particular, an attacker can intercept transmitted e-mail address and password you used to log in to Facebook. So iPhone users run the risk of losing control of his account in Facebook.

Facebook camera app for iOS allows an attacker to find e-mail and password for the account of the victim

Facebook app jacked

Photo: Mohamed Ramadan

Mohammed Ramadan notes that Facebook has analyzed other applications for the presence of similar problems and did not find them. To check the possibility of attack through Facebook Camera He set up a proxy server through which data and tracked by Wi-Fi.

In Facebook confirmed the vulnerability existence,  and recommended as soon as possible to update the Facebook Camera and not to be connected to doubtful Wi-Fi networks. Company representatives emphasized that they were not aware of a single case of the vulnerabilities found in the wild.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s