Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

author photo

Mark Zuckerberg's Facebook Timeline Hacked by Security Researcher

by on August 19, 2013
in Facebook, News, Computers and Software, Internet & Networking, Computer Safety & Support, Blog, Privacy, Social Networking :: 0 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

Mark Zuckerberg Timeline hackMark Zuckerberg is a billionaire who owns one of the largest Internet companies in the world. But as an unemployed security researcher proved last week, even the most powerful man on the net can be hacked when Facebook disregards a security tip.

Recently, Palestinian security researcher Khalil Shreateh found a vulnerability that allowed him to disregard Facebook privacy settings and post to anyone’s wall – even people who were not his friends. He reported the security hole to Facebook using the site’s White Hat bug-reporting system, but had difficulty communicating the problem in English. As a result, Shreateh’s concerns were misunderstood and dismissed.

Feeling he was out of options, Shreateh decided to go over the heads of Facebook’s Security team and report the issue directly to the CEO using the bug. Wrote Shreateh directly on Zuckerberg’s timeline: “First sorry for breaking your privacy and post to your wall, I has no other choice to make after all the reports I sent to Facebook team [sic].”

Within minutes, a Facebook security engineer contacted Shreateh to get more information about the privacy problem. The issue has now been resolved, but not before Shreateh’s account was suspended “as a precaution.” It does not appear as if anyone exploited the vulnerability in a malicious manner before it was patched.

Normally, Facebook offers a $500 minimum bounty to those who report bugs and security vulnerabilities via the site's White Hat program. But because Shreateh broke a number of the program’s rules – hacking an account without permission is a no-no, even to prove a point – no money will be awarded. Facebook has since reinstated Shreateh's account.

Discussion loading

Love getting helpful tech tips? Subscribe to our free newsletter!

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.