Hackers reveals how hacking was done for multiple Facebook Accounts

It is one of the most searched question on internet “How to Hack Facebook”. It is not so difficult as you think, here is some views from the white hat hacker how they have done multiple Facebook accounts hacked with just simple computer skills. The white hat hacker said that having simple computer knowledge, people can easily hacked the facebook account. It’s true and whatever the things mention on this article would be about facebook hack as perspective of the white hat hacker’s way.

However your facebook account would be i.e. either strong or weak and how much you have taken extra security measures to protect your facebook account, it can be easily hacked.

Gurkirat Singh from California had found a loophole in Facebook’s password reset mechanism which had given complete access to the hackers to the victim’s facebook account, to view message conversation and any type of payment card details, even any publish post and whatever the real account holder can do on their accounts.

To hack multiple facebook accounts, Gurkirat Singh first collected valid facebook IDs by making queries to Facebook Graph API and started with 100,000,000,000,000 since Facebook IDs are of 15-digit long and then after visited www.facebook.com/[ID] with a valid ID number in the place of [ID]. Since then, the URL automatically redirected and changed the Facebook ID to the user’s username. In this way, he was able to make a list of 2 Million valid Facebook usernames. Then after using the script, hundreds of proxies and random user-agents, Gurkirat automatically initiated the password reset requests for those 2 million users, each assigned a 6-digit password reset code, which consume the complete 6-digit range. Then after he picked random of 6-digit numbers and using a brute forcing script use the password reset process, hoping that this number had been assigned by Facebook to someone in his list of 2 Million usernames. This practically executed the things and managed to find a right password reset code and username that would allowed him to reset the password. And finally he became able to hijack a random user’s facebook account.

So Gurkirat was awarded with worth $500 since he found that the patch is not strong enough to mitigate the facebook vulnerability. However, facebook provides you more extra security to protect your account against such attacks, so no need to worry on facebook attack. Then after, many securities’ majors have been taken to secure it.