Hacker claimed to have found a bug in Facebook that can delete any account

*Update: Security Engineer from Facebook told computerworld that this claim is fake one.

"This is simply a hoax. The html source shown in the video clearly says 'No test user was deleted'. We've verified in our logs that the victim account was manually deactivated by visiting https://www.facebook.com/deactivate.php. "

Speaking to E Hacking News, a Security researcher and Bug Hunter Ehraz Ahmed claimed to have found a security vulnerability that allows him to delete any Facebook account.

The researcher tried to report bug to Facebook. However , the Facebook team rejected the finding saying that it is not valid one.

     Even though researcher sent a demo video, they denied his request.

video Demo:

I am just wondering how Facebook team rejected such a critical bug.  However, this is not the first time Facebook team rejected the critical vulnerabilities.  Most of times facebook team failed to understand the impact of the bug and later when the realize the severity , they fix the bug without acknowledging the researcher.

Recently , a hacker named "Khalil" posted the vulnerability report in mark zuckerberg wall after Facebook security team rejected the bug.

Share this with Your friends: