Facebook Inc (NASDAQ:FB) apps for iOS and Android are being proven weak and vulnerable in the recent past by hackers and bug hunters. In a recent development, programmer and security expert Laxman Muthiyah has identified a critical bug in the Facebook Inc (NASDAQ:FB) app for iOS and Android which gets an easy access to all the private photos stored in the users’ phone. The problem was in the Facebook Inc (NASDAQ:FB) graph API, which had a wrong GET method which could be easily exploited to reach the private photos stored in the phone where the app is installed.
Facebook Inc (NASDAQ:FB) uses a user_photos method and Vaultimages repo to save the photos of the user in an Android or iOS device. Muthiyah said that the problem was that the app does not check the access token and the device. Facebook Inc (NASDAQ:FB) app gives the permission based on the owner name and id. This is why when Muthiyah tested the Facebook bug, he was able to get into the private photos of the users easily, within minutes.
This is not the first time Facebook Inc (NASDAQ:FB)’s apps for iOS and Android have proven faulty. Just a month back, the same bug hunter found a problem in the Facebook graph API which lets some third party to delete the Facebook Inc (NASDAQ:FB) photo albums. Luckily, Muthiyah happens to be an ethical security expert. He immediately contacted Facebook team for the bugs. Facebook Inc (NASDAQ:FB) awarded $12,500 to the programmer whereas for the user photo bug, the social media giant gave $10,000 to Muthiyah. Facebook Inc (NASDAQ:FB) users should update their apps on their phones to avoid any problem.
Ken Griffin holds 4.58 million shares worth $307.87 million of Facebook Inc. (NASDAQ:FB).