The fact behind the vulnerability, which could give an attacker access to your FB account, is that the Facebook access token never expires. Ramadan shows an example: he checked the stolen FB access token in the Facebook Graph Explorer and found that it never expires.
Now have a look at the vulnerabilities Ramadan found:
1. Ramadan found a vulnerability in Facebook Messenger and the Facebook main app. He writes in his blog that an attacker needs to send an attachment (a movie, doc, PDF, picture or any other file that can be attached to Facebook messages) through the Android app of Facebook. When you click to download that attachment, your Facebook access_token is leaked to Android logcat, which allows an Android app to read and capture your Facebook access_token stealthily. That's it, you have been hacked.
- See more at: http://hackersnewsbulletin.com/2013/10/hacker-can-easily-hack-facebook-account-update-fb-smartphone-app-now.html
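
For developers who want to check their own app's log output for this kind of leak, the following added example (not code from the article or from Ramadan's blog) scans captured `logcat -v threadtime` lines for access_token values and reports them with the value redacted. The tags, URL and token in the sample log are constructed for illustration.

```python
import re

# One `logcat -v threadtime` line: "MM-DD HH:MM:SS.mmm PID TID LEVEL TAG: message"
LINE_RE = re.compile(
    r"^\d\d-\d\d \d\d:\d\d:\d\d\.\d{3}\s+(?P<pid>\d+)\s+\d+\s+"
    r"(?P<level>[VDIWEF])\s+(?P<tag>[^:]*?)\s*:\s(?P<msg>.*)$"
)
# access_token as a URL query parameter or a JSON-style field, 16+ token chars
TOKEN_RE = re.compile(
    r"(access_token[\"']?\s*[=:]\s*[\"']?)([A-Za-z0-9_.%|\-]{16,})", re.I
)

def redact(message):
    """Replace each token value with a length-only marker."""
    return TOKEN_RE.sub(
        lambda m: "%s<redacted:%d chars>" % (m.group(1), len(m.group(2))), message
    )

def audit(lines):
    """Return one finding per log line that carries an access_token value."""
    findings = []
    for number, line in enumerate(lines, 1):
        parsed = LINE_RE.match(line)
        if parsed and TOKEN_RE.search(parsed["msg"]):
            findings.append({
                "line": number,
                "pid": int(parsed["pid"]),
                "tag": parsed["tag"],
                "message": redact(parsed["msg"]),
            })
    return findings

# Constructed sample data: the token, tags and URL are made up for this example.
FAKE_TOKEN = "CONSTRUCTEDTOKEN0123456789abcdef"
SAMPLE_LOG = [
    "--------- beginning of main",
    "10-28 14:02:10.901  2345  2345 I ActivityManager: Displayed com.example/.Main: +350ms",
    "10-28 14:02:11.123  2345  2367 D AttachmentDownload: GET "
    "https://example.invalid/file?id=42&access_token=" + FAKE_TOKEN + "&ext=pdf",
    "10-28 14:02:11.480  2345  2367 D AttachmentDownload: access_token=null",
    '10-28 14:02:12.007  2345  2345 I SessionCache: {"uid":1,"access_token":"'
    + FAKE_TOKEN + '"}',
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Run against a log captured from a test device, any finding points at a log statement that should be removed or have the token stripped before release.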