Facebook aspires to become a secured social platform, after all these years of leak and privacy issues. But Mark Zuckerberg surely has his work cut out, to live up to his ambitious promise. This time it’s a bug in Facebook Messenger, which allowed websites to gain access to users' data, including who they have been chatting with, say researchers. Facebook Messenger has over 1.3 billion users globally.
In November 2018, Masas and his team discovered a Facebook bug that allowed websites to extract data from users' profiles via cross-site frame leakage (CSFL) which is known as a side-channel attack performed on an end user's web browser.
"Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware," wrote Masas.
Facebook Messenger has over 1.3 billion users globally.
Zuckerberg on Thursday said he is working to make Facebook "privacy-focused" like WhatsApp.