Skip to main content

New Facebook Hack Tool Extracts Users' Personal Info

In a shocking revelation made by a group of security researchers, it was demonstrated how a Java based tool can be exploited in order to extract personal information from Facebook user profiles, even when they are not publicly accessible.

Apparently, the tool, dubbed Facebook Pwn, kick starts its mission by creating a fake account which tries to befriend all users in the targets ‘friend list’. Then it chooses one of the users from the victim’s contacts and hijacks his/her identity, and then sends a new friend requests to the victim himself.

If the request is accepted, the tool instantly downloads all the personal information, images stored and safeguarded in the profile with privacy settings- meaning even if the victim comes to know about what’s going on unfriend the fake account, the information would still be saved locally within the tool.

"(The tool) sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information, photos and friend list to a local folder," the description notes, according to this Network World (opens in new tab) report.

Ravi Mandalia

Ravi Mandalla was ITProPortal's Sub Editor (and a contributing writer) for two years from 2011. Based in Ahmedabad, India, Ravi is now the owner and founder of Parity Media Pvt. Ltd., a news and media company, which specializes in online publishing, technology news and analysis, reviews, web site traffic growth, web site UI. Ravi lists his specialist subjects as: Enterprise, IT, Technology, Gadgets, Business, High Net Worth Individuals, Online Publishing, Advertising, Marketing, Social Media, News, Reviews, Audio, Video, and Multi-Media. He has also previously worked as Dy. Manager - IT Security at (n)Code Solutions.