تحذير لملايين مستخدمي Gmail من عيب قد يخترق Facebook الخاص بك

GMAIL users should be aware of a new security flaw that could allow Facebook accounts to be hacked.

The issue was revealed by researcher Youssef Sammouda who took to his blog to warn against using Gmail credentials to sign into Facebook.

A cyber security researcher discovered a new Gmail security flaw that could be used to hack Facebook accounts

A cyber security researcher discovered a new Gmail security flaw that could be used to hack Facebook accountsالإئتمان: صور SOPA / LightRocket عبر Gett

Sammouda spoke with The Daily Swig to explain the implications of this bug.

According to the researcher, he was able to hijack the accounts of Facebook users who signed up through their Gmail credentials.

He said that he accomplished this by using a Google OAuth id_token/code to log in to the site.

This is calledopen authorization.It is a standard used by Amazon, مايكروسوفت, تويتر, and other big names that allows users to link accounts to third-party sites by using log in information from one of these bigger sites, Forbes قالت.

read more about google

Inside Google's new $1bn HQ with 'dragon skin roof' and sustainable panels

DRAGON’S DEN

Inside Google’s new $1bn HQ with ‘dragon skin roofand sustainable panels

ما قيل, this technique can apparently be used to hack other accounts not just Facebook, Sammouda said.

ومع ذلك, the tech vigilante may have prevented many users from being hacked.

Sammouda revealed that he was paid a $44,625 ‘bountyby Facebook after he shared his discovery.

He said that Facebook responded and implemented measures against the open authorization hack.

الأكثر قراءة في Tech

Never seen before 'hot blob' found within Earth leaves scientists 'puzzled'

THE BLOB

Never seen before ‘hot blobfound within Earth leaves scientists ‘puzzled

Forbes shared a statement from security provider Malwarebytes Labs regarding accounts that are linked through open authorization.

Linked accounts were invented to make logging in easier,” said malware intelligence researcher Pieter Arntz.

You can use one account to log in to other apps, sites and servicesAll you need to do to access the account is confirm that the account is yours.

We wouldn’t recommend it because if anyone gets hold of the one password that controls them all, you’re in even bigger trouble than you would be if only one site’s password is compromised,” هو قال.

This comes as Google recently issued an urgent security warning to billions of phone owners.

And Android users should check their phone right now for a huge security danger.

نحن ندفع مقابل قصصك!

هل لديك قصة لفريق يو إس صن?

راسلنا على Exclusive@the-sun.com أو أتصل 212 416 4552. مثلنا على Facebook at www.facebook.com/TheSunUS وتابعنا من حسابنا الرئيسي على Twitter على تضمين التغريدة