To many people, Facebook is one of the most powerful and reliable social networking websites. It allows users to interact with other users after being friends with one another. However, Facebook allows users to make the friend list public or private. But lately, Facebook vulnerability has been found, allowing users to view hidden Facebook friend list, even though the information is set to private.
The Facebook vulnerability has been found by Irene Abezgauz, a security researcher from the Quotium Seeker Research Center. The exploit is carried out by abusing the ‘People You May Know‘ feature on Facebook, which suggests new friends to users. However, Facebook suggests friends to you based on mutual connections and other criteria such as work or education information.
Irene Abezgauz has mentioned that this hack is really very simple. All a hacker would have to do would be to create a fake Facebook profile and then send a friend request to their target. Even if the targeted user never accepted the request, the hacker could see that person’s friends via the “People You May Know” feature.
On the contrary, Facebook has mentioned that a hacker would have no way of knowing if the suggested friends represented a user’s entire list.
But this is not the first time that Facebook has such flaws. Back in the month of June, Mohamed Ahmed, a Security expert from Sudan found an exactly same flaw in Facebook. Ahmed informed Facebook about their problem, but the company didn’t pay attention to his words.
Source: Security Affairs