• No events
AEC v1.0.4

Cyber Security Info

Facebook SDK vulnerability reveals user’s access token

July 7, 2014

Share Button

MetaIntell has discovered a serious vulnerability of the Facebook SDK used by mobile applications on Android and iOS to login via Facebook. As demonstrated on the Viber app, user’s access token is stored unencrypted on the device allowing anyone with access to the device as well as Android apps with access to the filesystem to steal it and get access to the user’s Facebook account. 

Share Button