This Guy Proved How Easy It Is to Hack Your Facebook Account


Security blogger Anand Prakash says he's figured out how to hack into any Facebook account using the password reset function. The stunt allowed him entry into a Facebook account with full access to messages, content and any stored credit card information.  

Typically, when a person forgets their password, Facebook asks them to enter the email address, phone number or name associated with the account. Then it sends a six-digit PIN as a way of verifying a user's identity before allowing them to reset their password. Prakash first tried to brute force the PIN via Facebook.com, but the website shut him out after 10-12 attempts. So he tried the same attack through Facebook's beta site, beta.facebook.com, as well as its ad-free site, mbasic.beta.facebook.com.

He found that those sites did not limit the number of attempts, which allowed him to gain access to his own account by using a program to repeatedly enter six-digit PINs. When the software arrived at the right combination, Prakash was able to change the password and log in using the new credentials.
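The defensive lesson in the account above is that the failed-attempt counter has to belong to the account and its reset code, not to the hostname that received the request. The following sketch is an added example, not Facebook's code: the class name, the limits and the frontend labels are assumptions, and it shows a single shared counter that burns the code after too many wrong PINs, whichever frontend they arrive through.

```python
import hmac
import secrets
import time

MAX_FAILURES = 10        # assumed budget, in line with the 10-12 tries the article reports
CODE_TTL_SECONDS = 600   # assumed code lifetime

class ResetCodeStore:
    """Reset codes and failure counts keyed by account, shared by every frontend."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._entries = {}   # account_id -> [code, expires_at, failures]
        self.audit = []      # (account_id, frontend, result) records for detection

    def issue(self, account_id):
        code = f"{secrets.randbelow(10**6):06d}"
        self._entries[account_id] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code          # sent by email/SMS in a real deployment

    def verify(self, account_id, submitted, frontend):
        result = self._check(account_id, submitted)
        self.audit.append((account_id, frontend, result))  # frontend is logged only
        return result

    def _check(self, account_id, submitted):
        entry = self._entries.get(account_id)
        if entry is None:
            return "no_active_code"
        if self._clock() >= entry[1]:
            del self._entries[account_id]
            return "expired"
        if hmac.compare_digest(entry[0].encode(), submitted.encode()):
            del self._entries[account_id]      # single use
            return "ok"
        entry[2] += 1
        if entry[2] >= MAX_FAILURES:
            del self._entries[account_id]      # burn the code; a new one must be requested
            return "locked"
        return "wrong"

def demo():
    store = ResetCodeStore()
    code = store.issue("alice")                        # constructed account name
    wrong = f"{(int(code) + 1) % 10**6:06d}"           # constructed, always-wrong input
    hosts = ["www", "beta", "mbasic.beta"]             # labels for the three frontends
    results = [store.verify("alice", wrong, hosts[i % 3]) for i in range(MAX_FAILURES)]
    results.append(store.verify("alice", code, "beta"))  # right code, already burned
    return results
```

In a real deployment the counter would live in a datastore shared by all hosts, and requests for new codes would need their own limit so that reissuing a code does not reset the budget indefinitely.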

He has since alerted Facebook to the vulnerability and was awarded $15,000 for the exploit discovery. You can watch him take over his own Facebook account in the video below. 

Source: YouTube

h/t Fossbytes


Ruth Reader

Ruth is a senior staff writer covering innovative technology and the people behind it. Send through pitches and tips to ruth@mic.com.
