Facebook Fixes Bug That Could Turn On Users' Webcams Without Their Knowledge

By Alexandra Burlacu email: a.burlacu@mobilenapps.com | Jan 02, 2013 08:38 PM EST

Share This Story

  • Print
  • Email

Facebook has patched a security flaw that would have allowed hackers to turn on users' webcams without their permission and post videos to users' profiles.

Two computer-security researchers with the XY Security firm in India found this vulnerability back in July, and received $2,500 each for finding the bug.

Follow us

XY Security founders Aditya Gupta and Subho Halder found the bug and reported their findings to Facebook, which in turn paid them $2,500 each for the information, said Facebook spokesman Fred Wolens, according to Bloomberg.

The two researchers who found the bug said the company paid them five times its usual price, which must indicate that Facebook found this particular bug to be "serious." Facebook is one of the few tech companies encouraging outsiders to hack into their products and services in return for payouts. Google and Mozilla, maker of the Firefox browser, have the same practice, while other companies such as Microsoft have refused to offer "bug bounties" to reward criminals.

According to Wolens, Facebook conducted an investigation upon learning about the vulnerability, but found that no users seemed to be affected. The company has now patched the bug to eliminate the threat.

"This vulnerability, like many others we provide a bounty for, was only theoretical, and we have seen no evidence that it has been exploited in the wild," Wolens told Bloomberg in an e-mailed statement.

"Essentially, several things would need to go wrong - a user would need to be tricked into visiting a malicious page and clicking to activate their camera, and then after some time period, tricked into clicking again to stop/publish the video," added the spokesman.

While it seems like a complicated and farfetched process, companies are typically very sensitive to any matters associated with users' webcam - and they should be. User privacy is a priority, and stealing video of a user without their consent or knowledge raises privacy concerns to a whole new level, even if the said video is not published. The mere thought of having someone peep through the webcam without the user's knowledge is enough to give one the creeps. The actual possibility is even more appalling. Facebook has had its share of criticism over user privacy, but none to this level.

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.

Featured Video : Intel Pocket Avatars

Join Our Conversation

Smartphones
Xiaomi Mi4 Xiaomi Mi 3, Xiaomi Mi 4 Android 4.4.4 KitKat custom ROM now available
iPhone 6, iPhone 6 Plus battery life test reveals underwhelming performance
Google HTC Nexus 9 tablet claims bolstered, launch expected very soon
Ex-NBA star Rex Chapman arrested for stealing from an Apple Store by faking EasyPay self-checkout
Tablet / Laptop / PC
Dell Venue 7 and Venue 8Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Gadgets
Amazon LogoAmazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC LogoHTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google DowntimeGoogle blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Vine update brings new camera experienceVine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now
Instagram releases Bolt ephemeral messaging app in select markets to challenge Snapchat
PayPal for iOS update brings loyalty card support, other features and enhancements
Copyright © 2014 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics