Mark Zuckerberg’s Facebook Page Hacked Because of Security Flaw [VIDEO]
A message was posted on Facebook CEO Mark Zuckerberg's page by a Palestinian researcher named Shreateh about a Facebook security flaw that that wasn't taken seriously by the Facebook security team..
His message read, "First, sorry for breaking your privacy and post(ing) to your wall, I (have) no other choice to make after all the reports I sent to (the) Facebook team."
Shreateh said that he could post to any user's page, even people who are not on his friends list. An exploit like this is a goldmine form scam artists and spammers who would like to take advantage of Facebook users which is about 1 billion.
Shreateh has posted emails on his blog which he says were communicated between him and Facebook security. A Facebook employee responded to him saying it was a bad link that didn't work.
Shreateh said he posted an Enrique Iglesias video on the page of a woman who went to college with Zuckerberg, but because Facebook's security team wasn't on her Friends list, they couldn't see it. Facebook's security team responded by telling Shreateh the issue he was reporting was not a bug.
Shreateh wrote back, "ok that mean(s) I have no choice other than report this to mark himself on facebook." that got their attention and now Facebook says the flaw was fixed last Thursday.
Facebook security team member Matt Jones said Shreateh doesn't speek English very well and that is the reason for the site's slow response.
"Unfortunately, all he submitted was a link to the post he'd already made (on a real account whose consent he did not have) ... saying that 'the bug allow facebook users to share links to other facebook users,' " Jones wrote.
"For background, as a few other commenters have pointed out, we get hundreds of reports every day. Many of our best reports come from people whose English isn't great -- though this can be challenging, it's something we work with just fine and we have paid out over $1 million to hundreds of reporters."
Shreateh will not receive a reward under Facebook's white hat program which is used to to find and fix bugs because he violated Facebook's terms of service by hacking the pages of other users.
"I could sell (information about the flaw) on the black (hat) hackers' websites and I could make more money than Facebook could pay me," he said in an interview with CNN. "But for me -- I am a good guy. I don't deal with the black (hat) stuff."