Facebook Account Hacking Possible on Android using SOP Vulnerability

Viewing 1 post (of 1 total)
  • Author
  • #4327 Reply
    Robin C

    The SOP (Same Origin Policy) vulnerability in Android discovered by Rafay Baloch, a White Hat Hacker from Pakistan at the beginning of September 2014. Google then issued a fix to address the vulnerability on latest and older android smartphones, but still millions of android devices are vulnerable for this attack. Hackers can now exploit the android device using this vulnerability to hack facebook account of victims. SOP vulnerability exists on Android Web Browser in devices running below Android OS 4.4 Kitkat.


    Hackers target facebook users to steal account login id and password by various means. SOP is meant for protecting users browsing experience by preventing the execution of malicious codes and malwares in the smartphone, tablet device browser while visiting websites. It acts as a filter and prevents the device from getting infected by malwares. But the recently found vulnerability allows attackers to execute malicious JavaScript that is stored in a cloud storage and further to compromise users logged in accounts and passwords.

    Facebook uses JavaScript to do plenty of actions overall. For example, new friend requests, facebook page likes, follows, subscription management and more are done via Javascripts in Facebook.


    So how to protect your device from being compromised by hackers using SOP Vulnerability? Well, the only option is to disable the default “Android Browser” from your device. You cannot uninstall the android browser, but it is possible to disable it to prevent being victimized temporarily till Google issues a fix for SOP Vulnerability.

    Go to “Settings – Apps – All” to access the list of apps installed and running in your android device. Select the “Browser” and Disable it to disable the Android browser.

    Source: TheHackerNews

Viewing 1 post (of 1 total)
Reply To: Facebook Account Hacking Possible on Android using SOP Vulnerability
Your information:

<a href="" title="" rel="" target=""> <blockquote cite=""> <code> <pre class=""> <em> <strong> <del datetime="" cite=""> <ins datetime="" cite=""> <ul> <ol start=""> <li> <img src="" border="" alt="" height="" width="">