38 Responses

  1. Martijn June 28, 2013 at 11:38 am #

    I think the guy got paid 20k USD rather than GBP.

    • Graham Cluley
      Graham Cluley June 28, 2013 at 11:41 am #

      You're quite correct. I've fixed the article. Poor guy – that's even worse than £20,000!

      Thanks Martijn.

  2. spryte June 28, 2013 at 2:22 pm #

    Interesting stuff… Gives one food for thought.

  3. John K. (@CheapestGasEl) June 29, 2013 at 9:43 pm #

    Retard! He should have kept that method to himself and controlled accounts that had big fan pages. He could have made 20k+ per day from posting on big fan pages.

  4. Trip June 29, 2013 at 9:48 pm #

    should have been awarded more.. unlucky!!

  5. shahid shakeel August 24, 2013 at 8:44 pm #

    Awesome

  6. chabota September 2, 2013 at 12:10 am #

    my account got hacked and the hacker got my facebookpage do you know any one in facebook that can hrlp or can you hack him for me all i have is his ip address

  7. Rajesh Kumar September 2, 2013 at 8:42 pm #

    I am facing some problem to open my facebook account and someone hacked my account and they changed everything under setting, please can you send me the password to open that account

  8. Phil September 4, 2013 at 9:54 am #

    Can u please help me hack my wife's fb account I know she's cheating thanks

  9. jabin September 8, 2013 at 5:32 am #

    Pls…… give me a video…

  10. Nitin September 8, 2013 at 8:05 am #

    Hii thanks for your info. I am from India and I want to hack some cheaters facebook account. But as you mentioned that the first thing we have to do is to send a message contains letter f to facebook. But to which number should I need to send as I was in India

    • Graham Cluley
      Graham Cluley September 8, 2013 at 9:59 am #

      Send your contact details to Facebook's security team. I'm sure they'll be interested in what you're trying to do…

      • sadat September 23, 2013 at 2:41 pm #

        How can I hackf FB account I want to hack could you please hack this account.

      • Jim Dibb November 27, 2013 at 4:39 pm #

        Some dumb individuals read your blog…

  11. arman khan September 10, 2013 at 7:11 am #

    my id suspended how can open my id please solve my problem and open my id

  12. Sophie Scott September 12, 2013 at 9:39 pm #

    Can the person track your number, especially if they have your contact number?

  13. john gotti September 23, 2013 at 5:03 pm #

    IT IS IMPOSSIBLE TO GET A DIRECT NUMBER TO FACEBOOK
    SECURITY! YOU GET THE 800 NUMBER FOR FACEBOOK CORPORATION IN CALF
    BUT THEN YOU GET A RECORDING! THIS IS CRAZY! THEY SHOULD LEGALLY
    HAVE A DIRECT NUMBER SINCE THEY TAKE PEOPLE MONEY THRU PAYPAL,
    MASTERCARD AND VISTA!HELP ANYONE!

  14. raza October 5, 2013 at 7:54 pm #

    i am facing a problem with my facebool ID i just set the
    mobile login approval on my account but someone hack my ID and nw i
    am not getting a verification code and with that i don`t have any
    device in which i was login before and the 3rd thing is i am also
    not able to see my number on the verification code page

  15. texasgirl2010 October 9, 2013 at 4:54 am #

    hey, im having trouble on the part where you
    "alter parameter ids from your own to the victim"
    where do I go to do that? what form is it? is it under our
    settings? im so lost on that part.

  16. sofia October 28, 2013 at 5:43 am #

    I have reported many times, a fake facebook account someone
    made under my name. Friends have reported it, and yet Facebook does
    nothing about it. Do you know what else can I do? Thank you! I have
    a USER ID but i Cant get an email from this fake profile, an email
    would probably help to find out who did it!

  17. roshan November 1, 2013 at 6:21 pm #

    i know a security issue of facebook by which anyone can send message to anyone s profile as anyone on facebook… i want to contact facebook security team but how??

    • Graham Cluley
      Graham Cluley November 4, 2013 at 9:58 am #

      Details on how to report Facebook vulnerabilities:

      https://www.facebook.com/whitehat

  18. nancy November 5, 2013 at 2:01 am #

    was wondering the other day I was on my facebook and I was
    chatting with someone and it got weird acting the home page and a
    chat box open and I was talking to someone in another chat box on
    there and the other chat box had no name or anything but said dummy
    on it and then it went away , did you even here of this and I only
    have 3 people on my facebook

  19. Entailed November 5, 2013 at 5:49 am #

    After finding out someone was pretending to be a specific model, I told this individual of my findings and then they blocked me. Someone else already reported this person and nothing has been done to strip the profile from facebook. Why doesn't facebook do anything about fake profiles? Thank you.

  20. Stranger November 18, 2013 at 10:27 pm #

    PLEASE HELLPPPP!!!

    i was adding a ph. no to my fb account. and the no. added was the id of my 2nd account and now I am not being able to access my 2nd account. Both the accounts have same password and id and still both are active. Now, when I type the id and password i can access only one account.

    Now, how to access the other one??? What went wrong??

  21. Lakshi November 25, 2013 at 5:11 pm #

    you mean to say that facebook does not actually hide the number they ask for confirmation code??

  22. Shafie Madengu November 29, 2013 at 9:33 am #

    Am failling to open my account due to login approvals codes
    that i secured. I lost my codes so help me out.

  23. Vishu November 29, 2013 at 7:11 pm #

    Its free or does it cost something…..

  24. ManBearPig December 10, 2013 at 3:50 am #

    He said the vulnerability has been patched. As if
    he's going to hack an account for you even if it
    wasn't patched, how stupid are you people? If
    you're worried about Facebook security, then
    don't post things you wouldn't want getting out.
    Or better still, get rid of your FB account, seriously, why anyone
    would want to openly profile themselves on the internet is beyond
    me. You're handing all the blackhats out there a gift
    should they decide to target you. All for what? Some narsisistic
    self glorification? Anyone who is serious about security either
    understands the risks, and works accordingly or they don't
    have a FB account. I got rid of mine and i miss nothing (except
    hourly updates on what people are eating, when their house is
    empty, and how special they think they are because they had a
    child, like people haven't done that for thousands of
    years!) . Facebook will go down as one of the biggest scams in
    history for obtaining endless quantities of personal information
    for free from willing participants who blindly enter in all their
    details, then they sell it on to advertisers who can then target
    advertising at these people. BTW Graham, nice blog mate, read it
    daily is a beauty.

  25. Paul Taylor December 14, 2013 at 11:04 am #

    Millions of lines of code should be no excuse. At some
    point, someone who should have known better has broken a
    fundamental principle of website security design. Facebook must
    have code-review procedures that are followed before any code goes
    live, so someone should have reviewed that code to ensure that it
    followed basic security principles. You should never rely on a
    username or ID sent from the web browser to authenticate a request
    unless the ID is accompanied by a password that only the real
    account holder could know, or unless the request is part of a
    session that has already been authenticated. This demonstrates a
    systematic failure in Facebook’s security procedures. If they can
    make such basic errors then can we really trust any such
    organisation?

  26. emma clark December 21, 2013 at 8:09 am #

    my fb id has been disabled !! :( :(
    i dnt have either a passport or a driving license that they ask for :'(
    how can i get my id back as it was my life :/ :( :'(
    plzz help me !!

  27. chukaman February 16, 2014 at 7:35 pm #

    oh my gosh all the real morons come out to comment on a story like this one…

    graham, would two factor facebook auth have made any difference here? i'm guessing not, because the third party cellphone would be able to generate a working one time pin as well, or am i wrong here?

  28. Fire360Boy February 20, 2014 at 5:09 pm #

    facebook & yahoo is verrry poor in security

  29. Rui Pereira April 11, 2014 at 10:28 am #

    Are all these noobs retarded? "Help me to hack facebook accounts"!
    I'm glad you don't discriminate (read censor), otherwise i couldn't lmao with these peeps! ;)

Leave a Reply