Click For Photo: https://i.dailymail.co.uk/1s/2019/03/08/12/5001982-0-image-a-5_1552048690249.jpg
Facebook users face new privacy concerns as yet another security breach could be giving away the names of people they have been messaging.
Hackers trying to gain access to private accounts need only to get users to click a video link, which would be easily disguised as regular content.
Loophole - Hackers - Contacts - User - Facebook
The loophole then lets hackers check which contacts had recently engaged with the user over Facebook Messenger.
The flaw comes the day after CEO Mark Zuckerberg announced a 'privacy-focused future' for its users.
Privacy - Exposé - Ron - Masas - Imperva
The latest privacy exposé was made by Ron Masas from Imperva, an online privacy monitoring website.
Mr Masas called the latest vulnerability a 'side-channel attack, performed on an end user’s web browser', and has made Facebook aware of the vulnerability.
Attack - Something - 'iframe - User - Boxes
The attack exploits something called the 'iframe', which is used to to see whether a user has been or is actively engaging with chat boxes in the Facebook messenger app.
The chat box in the messenger app, as well as the contact list, are rendered in iframes.
Mr - Masas - User - Contact - User
Mr Masas said: 'When the current user has not been in contact with a specific user, the iframe count would reach three and then always drop suddenly for a few milliseconds.
'This lets an attacker reliably distinguish between the full and empty states. This could let him remotely check if the current user has chatted with a specific person or business, which would violate those users’ privacy.'
Frame - Count - Data - Time - Ways
'By recording the frame count data over time, I found two new ways to leak cross-origin information.
'By looking at patterns instead of a static...
Wake Up To Breaking News!