Home Technology Facebook Fixed A Bug That Could Have Deleted All Of Your Photos

Facebook Fixed A Bug That Could Have Deleted All Of Your Photos

When you purchase through our sponsored links, we may earn a commission. By using this website you agree to our T&Cs.

A security researcher earned a tidy reward from Facebook for reporting a major hole in the social network’s code

Facebook has patched a serious hole that allowed anyone to delete any user’s photos using only four lines of code. In a blog post on 7Xter, Laxman Muthiyah described the hole he discovered and said he could delete any photo album in just seconds using the code.

Facebook Fixed A Bug That Could Have Deleted All Of Your Photos

Facebook pays the researcher

The security researcher reported the hole to Facebook, which immediately patched the hole and paid him a reward of $12,500 for discovering it and reporting it. Muthiyah said he was playing around with the social network’s Graph API and considered what would happen if someone’s photos were deleted without them knowing about it.

“Obviously that’s very disgusting isn’t it,” he wrote in his blog post.

Easy to delete photos from Facebook

The cyber-security researcher made it sound so easy to delete anyone’s photo albums from Facebook. He tried it using a “Facebook for mobile access token.” This method gives a delete choice for all of the photo albums that have been loaded into Facebook’s mobile app. Additionally, he said it uses the same API as Graph. He ended up picking a photo album ID and a token for Facebook for Android and tried it out, with success.

As Adam Clark Estes of Gizmodo explains, the tokens used for Facebook access are basically just character strings that give apps permission to access a particular user’s profile. For example, logging into a game using a Facebook profile creates a unique token to allow users to get into the game using their profile on the social network.

Video of Facebook hack posted on YouTube

The security researcher posted a video of himself on YouTube showing how the hack works. He said it only took two hours for Facebook to close the hole he found. It’s certainly a good thing the hole was discovered by a white hat hacker who reported it because he could have gone through and deleted every photo album on Facebook using his code. What a mess that would have been.

Our Editorial Standards

At ValueWalk, we’re committed to providing accurate, research-backed information. Our editors go above and beyond to ensure our content is trustworthy and transparent.

Michelle Jones

Want Financial Guidance Sent Straight to You?

  • Pop your email in the box, and you'll receive bi-weekly emails from ValueWalk.
  • We never send spam — only the latest financial news and guides to help you take charge of your financial future.