It is one of the most searched questions on the internet “How to Hack Facebook.” It is not so difficult as you think, here are some views from the white hat hacker how they have done multiple Facebook accounts hacked with just simple computer skills. The white hat hacker said that having real computer knowledge, people can easily cut the facebook account. It’s true and whatever the things mention on this article would be about facebook hack as the perspective of the white hat hacker’s way.

However your Facebook account would be, i.e., either active or weak and how much you have taken extra security measures to protect your Facebook account, it can be easily hacked.

Gurkirat Singh from California had found a loophole in Facebook’s password reset mechanism which had given complete access to the hackers to the victim’s Facebook account, to view message conversation and any type of payment card details, even any publish the post and whatever the real account holder can do on their minds.

To hack multiple facebook accounts, Gurkirat Singh first collected valid facebook IDs by making queries to Facebook Graph API and started with 100,000,000,000,000 since Facebook IDs are of 15-digits long and then after visited www.facebook.com/[ID] with a valid ID number in the place of [ID]. Since then, the URL automatically redirected and changed the Facebook ID to the user’s username. In this way, he was able to make a list of 2 Million valid Facebook usernames. Then after using the script, hundreds of proxies and random user-agents, Gurkirat automatically initiated the password reset requests for those 2 million users, each assigned a 6-digit password reset code, which consumes the complete 6-digit range. Then after he picked random of 6-digit numbers and using a brute forcing script use the password reset process, hoping that this number had been assigned by Facebook to someone in his list of 2 Million usernames. This practically executed the things and managed to find a right password reset code and username that would allow him to reset the password. And finally, he became able to hijack a random user’s Facebook account.

So Gurkirat was awarded worth $500 since he found that the patch is not strong enough to mitigate the facebook vulnerability. However, Facebook provides you more extra security to protect your account against such attacks, so no need to worry on facebook attack. Then after, many securities’ majors have been taken to secure it.