Cyber SecurityHackingTrending

Facebook Messenger Flaw Could Let Hackers Gain Persistent Access

Researchers have discovered a new vulnerability in Facebook Messanger that could allow hackers to hijack a call for a resource within the Messenger code to run their malware.

The vulnerability resides in the version 460.16 that was available in Microsoft Store. Cybersecurity researchers at Reason lab reported it to Facebook and the tech giant immediately released a patch and the vulnerability has been fixed with version 480.5. 

Messenger To Gain Persistent Access

Researchers said that they found a problem in the Facebook Messenger App, that the app executes code that shouldn’t be executed, that let the rise of a vulnerability allowing an attacker to hijack a call for a resource within the Messenger code.

Messenger hacked
Messenger call hijack vulnerability

The researchers found that the Messenger app gives a strange call to Powershell.exe from Python27 directory, which is located in “c:\python27” means that the malicious program can access the path without any admin privileges. 

To test the vulnerability researchers started a Listener in Metasploit and created a reverse shell with msfvenom and renamed the listener to Powershell.exe and transferred it to c:\python27 in order to hijack the call.

messenger vulnerability
Messenger hack PoC

After running the Listener on the attackers machine the researchers and executed the “Messenger” app got the reverse shell of the victim’s machine.

In this Covid-19 situation, there is been a 50% increase in the Messenger and threat attackers can exploit this vulnerability to gain malicious access to the victim’s machine.

Satender Kumar

A Blogger always fascinated with the technology and gather as much amount of knowledge from the internet. Loves to share the knowledge with the others and always available to play chess.

Leave a Reply

Your email address will not be published. Required fields are marked *

fourteen − eight =

Back to top button
Do NOT follow this link or you will be banned from the site!