Advertisement

New Hack Tool Links Facebook Accounts to Private Emails

Facebook's newest leak could mean millions of accounts can be accessed daily.

A new tool that links email addresses to Facebook accounts has been circulating since Tuesday, April 20. 

The tool shows users which email addresses are linked to which Facebook accounts — even when users opted to keep their emails private, and can allegedly do so on a mass-scale of millions of email addresses a day, as co-founder and CTO of cybercrime intelligence firm, Hudson Rock, Alon Gal wrote on Twitter.

The new vulnerability comes shortly after Facebook suffered a privacy breach earlier this month when 500 million user credentials were leaked, including CEO Mark Zuckerberg's information.

Gal, who was tipped off about the new vulnerability by an anonymous source, was stumped after Facebook apparently told him they wouldn't fix the issue, even though they know about it. 

What Facebook did say, according to Ars Technica, is this: "It appears that we erroneously closed out this bug bounty report before routing to the appropriate team. We appreciate the researcher sharing the information and are taking initial actions to mitigate this issue while we follow up to better understand their findings."

Gal decided to take matters into his own hands by posting a short YouTube video of the alleged tool quickly working away through email addresses and Facebook accounts, as well as posting a number of Twitter comments highlighting the vulnerability. 

As a Vice report said, the tool is apparently currently available within the hacking community.

It's unclear what next steps will be taken by Facebook, but hopefully, this information won't fall into the hands of hackers looking to do some serious harm.

Follow Us on

Stay on top of the latest engineering news

Just enter your email and we’ll take care of the rest:

By subscribing, you agree to our Terms of Use and Privacy Policy. You may unsubscribe at any time.