Last week, social networking site Facebook has announced that around 600,000 accounts get hacked in one day. The company then decided to add the “Trusted Friends” feature, a new security feature that will help prevent attacks that allows users to choose 3 to 5 friends that they can trust. Now, a hacker group warned that this may actually backfire.
The Hackers Online Club said that the social network’s “Trusted Friends” can fail if the victim is fooled into accepting accounts from the hacker as friends.
Facebook said earlier that the new security feature helps a user if ever he or she gets locked out of their accounts. The tool is similar to other features that can help prove a user’s identity via one’s friends by sending codes to their chosen friends so they can pass along the information to the user.
The Hackers Online Club said that once these fake accounts are accepted as friends, the attackers can just go to Facebook and click on the “Forgot your password” link. These attackers can then set their emails to receive the password.
“Facebook will ask you to choose three trusted friends … choose the three fake profiles of your which you created and added into the victim’s account,” the report read. “After selecting three accounts, Facebook will send security codes to these accounts; just enter these codes and you will get Password Resetting email from Facebook on the account you created.”
via: Hackers Online Club