A vulnerability recently found in Facebook’s Messenger application would allow an intruder to alter a conversation thread in both the Facebook Online Chat & Facebook Messenger App.
This means an attacker can hijack the communications, modifying or removing any sent message, photo, file, link and much more.
Check Point, which discovered the flaw, pointed out that given the fact that users rely on Facebook for personal and business-related communications, this kind of malicious power could have long-ranging consequences.
The same vulnerability could be used for malware distribution. An attacker can change a legitimate link or file into a malicious one and easily persuade the user to open it, then later update the link to point at the current C&C address, keeping the phishing scheme up to date.
MetaCert has predicted that phishing and other malicious-link attacks will migrate from email to messenger services for two reasons. First, people are reducing their reliance on email in favor of messenger services, so it is quite obvious that cybercriminals will do the same.
Second, not a single messenger service has the kind of built-in protection against malicious links that corporate email has. Companies that rely on network-based security are left with a false sense of security, because most of their staff are probably accessing these services through the mobile app, over their own wifi or the cell network, outside the corporate perimeter. During that time, users are left exposed with zero security to keep them and their corporate data safe.
Cybercriminals are likely to change their tactics when they realize that these services and their enterprise customers lack the link security that their email systems offer.
There is a fix
When a team member posts a link to a channel in Slack or a room on HipChat, the integration checks MetaCert’s Threat Intelligence system to see whether it is dangerous. If a link has been labeled ‘Malware and Phishing’, an alert is sent to the channel/room so users can proceed with caution or avoid opening the link.
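A minimal version of that check, written here as an added example rather than MetaCert's own code or API: links in a posted message are extracted, normalized so trivial variations hit the same entry, and looked up in a constructed label table that stands in for the threat-intelligence service; any link labeled 'Malware and Phishing' produces an alert line for the channel.

```python
from __future__ import annotations

import re
from urllib.parse import urlsplit, urlunsplit

# Constructed lookup table standing in for a threat-intelligence lookup
# (assumption: not MetaCert's real data or API). Keys are normalized URLs,
# values are the category label the service would return for them.
THREAT_LABELS = {
    "http://login-verify.example/account": "Malware and Phishing",
    "http://files.example/invoice.exe": "Malware and Phishing",
    "http://docs.example/report.pdf": "Safe",
}

# Slack wraps links as <http://host/path|label>, so '|' and '>' end a URL.
URL_RE = re.compile(r"https?://[^\s<>\"'|]+", re.IGNORECASE)

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize(url: str) -> str:
    """Canonicalize a URL: lowercase scheme and host, drop the default port,
    strip the fragment, trailing punctuation and a trailing slash."""
    parts = urlsplit(url.rstrip(".,)"))  # punctuation pasted after a link
    host = parts.hostname or ""           # .hostname is already lowercased
    if parts.port and parts.port != DEFAULT_PORTS.get(parts.scheme):
        host = f"{host}:{parts.port}"
    path = parts.path.rstrip("/") or "/"
    return urlunsplit((parts.scheme, host, path, parts.query, ""))


def extract_links(message: str) -> list[str]:
    """Unique normalized URLs in a message, in order of appearance."""
    return list(dict.fromkeys(normalize(m) for m in URL_RE.findall(message)))


def lookup(url: str) -> str:
    """Label for a normalized URL; unknown links are not treated as safe."""
    return THREAT_LABELS.get(url, "Unknown")


def check_message(message: str) -> list[str]:
    """One alert line per flagged link; an empty list means no alert is posted."""
    return [
        f"Warning: {link} is labeled 'Malware and Phishing'; do not open it."
        for link in extract_links(message)
        if lookup(link) == "Malware and Phishing"
    ]
```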
Check out the MetaCert Security Integration with a built-in Security Bot for Slack here.
You can also check out the HipChat Security Integration with built-in anti-spear phishing protection, here.
Both of these security services take less than 30 seconds to install and configure.