Zuckerberg Profile Hacked With New Facebook Post Exploit

Over the weekend, a Palestinian information systems specialist used an exploit to make a post on the profile of Facebook's creator, Mark Zuckerberg. According to CNN, Khalil Shreateh, a West Bank resident, tried to report the flaw to the Facebook team multiple times, but did not receive any real acknowledgement.

“Dear Mark Zuckerberg, First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team,” read the post.

The hack, according to, allows the exploiter to post on any Facebook user’s wall, even if they are not “friends.”

Shreateh made a post on his blog outlining what he did and his limited conversations with the people at Facebook. The post includes video evidence of how the exploit worked (view above).

“Days ago i discovered a serious facebook vulnerability that allows a facebook user to post to all facebook users timeline even they are not in his friend list .

i report that exploit through whitehat –>
this email shows my report including facebook security replay : -“

The link at the bottom of the last correspondence went to the profile of Sarah Goodwin, a friend of Zuckerberg from his time at Harvard.

As it turns out, the Facebook development team could not view the link because they didn’t have the permissions to view the profile, most likely because they were not “friends” with Goodwin, explained Shreateh. After that report was ignored, he decided to prove the exploit by making a post on the profile of Facebook CEO Mark Zuckerberg.

Minutes later, a Facebook security engineer named Ola Okelola made a comment on the post, asking Shreateh for details about the hack.

Facebook quickly disabled his account as a precaution. The young white-hat hacker sent a message to the social network asking for them to enable access to his account.

Although they were nice enough to reinstate his profile, Shreateh was deemed ineligible for the Facebook white-hat program, which encourages people to provide the Facebook security team with bugs and exploits in exchange for money. The program has paid out over a million dollars to hundreds of reporters, according to Matt Jones, a member of the Facebook security team.

Jones has since confirmed that the hack has been fixed. He also admitted that the way the security team interacted with Shreateh was unsatisfactory, but when there is a language barrier it can sometimes be difficult to communicate efficiently.

1 comment

  1. Cy – Fi found that she could make the crops grow faster
    by disconnecting the wi-fi connection on her phone and advancing the handset’s clock
    to force a game ahead in time. Radio Frequency Identification Technology is designed to
    make paying for a purchase easier and faster.
    It could have been used by a third party to login to your e-mails and
    change or reset passwords.