Facebook announced Wednesday that it had fixed a security issue that would surely have caused the social network a lot of grief and public embarrassment.
A company spokesperson who spoke with Bloomberg confirmed that they had squelched a "peeping Tom" bug that would allowed hackers to use the webcams of unsuspecting Facebook subscribers to record and post videos on their behalf.
Facebook first learned of the bug back July when Aditya Gupta and Subho Halder, two Indian hackers who founded XY Security, notified the social network of the vulnerability. The company will be paying Gupta and Halder $2,500 for their information as part of its white hat program, a bounty system that encourages hackers and security experts to notify Facebook of potential security breaches in exchange for cash.
Gupta broke the news via his personal blog.
"Also, just few hours back, Subho Halder got an email from Facebook Security that we (Aditya Gupta and Subho Halder) will be getting a bounty of $2500 for a bug that we submitted 4 months back, that will come as a Facebook WhiteHat Debit Card," he wrote.
"The issue was in the video upload feature (via Webcam) of Facebook, as they didnt [sic] had proper security checks enforced. Using this, an attacker could trick a user to silently record his webcam video and publish it to his facebook wall, without the user even knowing about it."
For its part, Facebook maintains that there were no victims of the bug.
"This vulnerability, like many others we provide a bounty for, was only theoretical, and we have seen no evidence that it has been exploited in the wild," spokesman Fred Wolens told the Bloomberg.
"Essentially, several things would need to go wrong—a user would need to be tricked into visiting a malicious page and clicking to activate their camera, and then after some time period, tricked into clicking again to stop/publish the video."
Photo via bfishadow/Flickr
Homeless man plays best cover of Styx's 'Come Sail Away' you've ever heard
Are we sure this isn't really Dennis DeYoung?33k
Husky scarfs down pot-laced Rice Krispie treats, trips balls
It's both a funny and pitiful sight.7.9k
Kids reacting to the gay marriage decision is everything
We could all learn something from this video.5.6k
German magazine files criminal complaint after revealing NSA targeted reporters
Der Spiegel's government source was allegedly outed by a U.S. embassy official.
The 3 biggest questions heading into the ESL ESEA final
The first edition of the ESL ESEA Pro League is coming to a head this weekend with $250,000 on the line.29