A Facebook Bug Allowed Hackers To See Who Users Talked To On Messenger

It seems like Facebook just can’t catch a break. Ever since Mark Zuckerberg’s testimony in front of Congress in 2018, the social media giant has found itself in one controversy after another. That streak only continues with the latest piece of news relating to Facebook Messenger.

In a report from Fortune, a bug on the site was found that allowed hackers to target Facebook users through their web browser to see who they were talking to on Facebook Messenger. The bug was discovered in 2018 and patched, but its existence was never disclosed to the public.

The bug allowed hackers to exploit iframes, which was used to adjust content and text if a Messenger window changed size. Using this exploit, hackers could find the list of people said user had been speaking to through Messenger. The bug has since been removed.

In a note posted to Facebook earlier this week, Zuckerberg wrote about encrypting Facebook services like Messenger, WhatsApp, and Instagram. "As I think about the future of the internet, I believe a privacy-focused communications platform will become even more important than today’s open platforms," he said. "I expect future versions of Messenger and WhatsApp to become the main ways people communicate on the Facebook network."

But this is just the latest in a long list of problems that Facebook has been hit with in the last year, including various privacy and security issues. Most recently, it was discovered that Facebook users could be found if someone agreed to the two-factor authentication system and used their phone number. What made it worse was that the feature couldn’t be completely turned off.

With all these privacy issues, it will be worth seeing if Zuckerberg’s focus involves revamping Facebook privacy systems.