There have been reports of a strange trick that is potentially leaving links in your private Facebook messages open for strangers to access. It may come as a worry that your flirty memes and viral cat video messages might have been snooped on, but there are reportedly no plans to fix the bug.
According to a recent report by cybersecurity company Checkpoint, the official developer’s application Facebook Crawler can be exploited to see what links have been sent through the private messaging application. The purpose of Facebook Crawler is to assign website links and attachments an identification number, and then store this information.
Once you share a link and it is assigned a number, anybody can then find information about the link by searching for the identification number.
Quartz tested out this theory and discovered that it was indeed possible to access information about links using just the appropriate number.
The good news is that this technique can’t be used to obtain which links have been shared by specific users. It essentially requires a would-be hacker to pump in endless identification codes all day until they find something worthwhile. Nevertheless, it could potentially be used to find a link that contains sensitive information, like a website link to a private Google Doc.
Inti De Ceukelaire, a reporter from Quartz, reached out to Facebook to highlight the issue. However, they replied saying that the technique was “intentional behavior” and suggested there would be no attempts to address the issue.