Facebook founder Mark Zuckerberg’s own Facebook page has been hacked by a disgruntled user who was ignored when he submitted bug reports to the social networking site. White hat hacker Khalil Shreateh reported to Facebook about a vulnerability that allowed him to post on anyone’s wall, but when Facebook security team ignored him, he decided to call their attention the best way he knew how.
Khalil, a Palestinian ethical computer hacker, defended his story on his blog. According to him, he discovered a “serious facebook vulnerability that allows a facebook user to post all facebook users timeline even they are not in his friend list.”
He reported his discovery on Facebook’s whitehat page, but the security team told him the link he provided had an error. He explained that he posted a link to a wall of a certain Sarah Goodin, who wasn’t in his friends’ list and who was in the same college with Zuckerberg.
The security team of the Web site did not see the error because they did not have the authority to view Sarah’s private timeline post. He explained as such to the team, and even told them he might post to Zuckerberg’s page.
But again, the security team did nothing, just replying, “I am sorry this is not a bug.”
So Khalil posted his message on Zuckerberg’s timeline to prove his point.