A while ago, I was opening the Facebook app on Android and then I got the message "Session expired. Please log in again." I then tried logging in with my current password and was able to log in to my account. A long time ago, when I created this account, I'd set up two-factor authentication for my account, and when I checked after I logged in, it was still active.
After that, I opened my laptop and Chrome, then went to Facebook, just to find out that the session on the PC was also logged out. After I logged back in, I went to security under settings and checked the section "When you're logged in" and I saw that all of the past logged-in entries were gone. The only entries I got were the logins on my phone and my laptop (which also appeared to be my trusted devices).
I was thinking that someone had tried (and succeeded?) to access my account, then logged out of all current sessions. However, I did not get any suspicious prompt on my phone to authenticate an unusual login (like "Did you just log in near location xxxxx?"), and also no warning email at my registered email address telling me about my account being accessed on an unrecognized browser or computer.
Tl;dr: Facebook account suddenly got logged out of all devices, password was not changed, logged in entries are gone, no email warning about account being compromised, no two-factor authentication prompt showed up.
Additional article from The Hacker News - "unknown hacker or a group of hackers exploited a zero-day vulnerability in its social media platform that allowed them to steal secret access tokens for more than 50 million accounts" and "Facebook has already reset access tokens for nearly 50 million affected Facebook accounts and an additional 40 million accounts, as a precaution"
Action has already been taken for you. Any old token you had is no longer valid, not for you and not for an attacker either. That's why you suddenly were unable to access Facebook without re-logging in again. The same thing is true of anyone who might have wanted to exploit a token which let them spoof as you - they too would have to re-authenticate. None of Facebook's statements suggest that they're able to authenticate as you as the result of this particular exploit or vulnerability. They also don't totally make it clear that Facebook did more than just reset tokens - if that were all that they did, all the attackers would have to do would be to start collecting tokens again. I assume that Facebook patched the vulnerability at the same time so that stolen tokens can't be abused again in the future.
This question is a great opportunity to point out that FB badly botched the handling of this. Being unexpectedly logged out and asked to log in again looks just like phishing and it should be treated as such by users.
After invalidating session tokens, Facebook should have made the invalid ones redirect not to the main login page, but to a page explaining the breach and asking the user to click logout, then manually type facebook.com in their browser location bar and log in again.
You should consider deleting your account from sites that do not secure your data well enough. You'll have to weigh the benefits of being on this site versus the risk of another breach and the sensitivity of the data you send this company and everything they can guess from that. This might include your sexual orientation, your partners, affairs, financial situation, private chat messages...
Does this sound familiar? What do you do if you realize your Facebook account has been hacked? And how can you get back on and recover your account if the hacker has logged you out? Here's what you need to know.
No one wants to find out that their Facebook account has been hacked. Being locked out of your account, unable to let your friends know that you didn't send those suspicious links, or unable to log back in altogether can be upsetting and frustrating. But why does this happen? Why can't you get back into your account after being hacked?
Well, there are a few reasons. One could be that once the hacker accessed your account, they've entered your settings and changed the password, so you can't get back in without resetting it. If they've changed additional settings, it'll take more than a password reset to get back in.
The other way is that someone may have reported your posts or your account to Facebook, letting them know that a hacker has taken over the account. In some cases, Facebook will block the account for security reasons. In both situations, getting back onto the platform and recovering your account is difficult. But there are ways to do it.
If you've tried the above method, and you're still locked out of your account, it could be because the hacker has changed the email address and other verification information on file, which means any reset password links after that will go to them.
Facebook also allows friends to help each other recover their accounts. This is also true if your friend has passed away or is incapacitated and can no longer use their Facebook. By doing this, you help prevent hackers from taking over a vulnerable account. The steps you'd take, though, depend on the situation. For instance, there are cases where hackers create fake profiles to impersonate you.
7) Don't click on suspicious links or posts. The best way to protect yourself from clicking malicious links that install malware that may access your private information is to install antivirus protection on all your devices. This can also alert you of any phishing emails or ransomware scams.
Facebook can be a risky place in general. As hackers become more inventive, there's no way to protect yourself 100% from scams. If you get hacked and logged out of your account, it's not enough to follow the steps to recover and log back in. You'll also need to update your security preferences and ensure you follow the security tips we've outlined.
Most shockingly, there was an advert running that I did not recognise, and that I certainly had not created. Hideously, it was set up to spend up to 1200 per day, and had already breezed through just over 168.
I nearly died.
Yes, I am pleased with the outcome. I got the refund and they cancelled the charges, as it was plainly obvious that the ad was created by someone other than myself, to promote something that was nothing to do with me.
This could help reduce the damage of a rogue ad. Even if the hackers changed these settings, the system should notify you about the change, so that in itself would be a useful warning to investigate your account.
Damages on my end are limited to about $40 for now, but still I had to put a hold on my account for anything that would come from PayPal as some transactions that were supposed to hit my account tomorrow were for a total of $1200, and not only from Facebook.
This happened to me last August 25, 2016, when I noticed unauthorized use of my account. I discovered that I had been made an Advertiser by a fraudulent company, along with a few more people from different parts of the world. Unfortunately, the case was not resolved and I do not get to boost my Ads again. I had reported the incident many times and their response was far from positive. I was asking them if I could settle only the amount that I legitimately used and have the Ad placed on me waived and investigated; it was bad that they could not do anything about it. I really need help since I want to restore my Boost buttons.
Hi Marie, my FB ads manager has also been hacked. Someone else was advertising from it, creating 11 ad accounts (Outstanding Balance = 382 USD), and Facebook has restricted my account and there is no way to recover it.
Please I would like to ask you if there is any other way to solve this problem since you have already encountered the same problem.
Thank you.
This happened to me on Tuesday 21st. I have a business manager account as I work across lots of accounts and spend a substantial amount of money with FB. No money was spent as I noticed the dodgy ad before it went live. However, I use the same payment source across campaigns, which has now been stopped by FB. I have contacted them five times a day to resolve this issue. They are a joke, and seem totally incapable of dealing with or resolving the situation. Four days later and they can't even say when the issue will be resolved. I am now losing clients as I can't run campaigns for them. Once my Google MCC account was hacked, it took them just 2hrs to arrange a credit and have my account live again. FB are beyond rubbish and hide behind online help.
Just fill in that form. The information in this article is a bit outdated regarding that form. Just choose the transactions from that page and add a detailed response along with some screenshots of the hacked ad account where you can see the transactions.
One additional piece of advice I would like to add:
Check the friends you have recently added. Sometimes you add a person and invite them to your page. It might be a hacker. Check for Admin roles in both your pages and ad management account.
This happened to me when I discovered that a person I had added to my friend list and invited to a page was somehow a hacker who had set their role as admin on my ad account. I was able to remove them from the list but they had created ads worth Rs.52000 from my ad account in 3 days!
Reported today, still waiting to hear back from FB. They are investigating.
I used that option and sent an email explaining the situation, to which I received a very quick reply stating that they could not refund me because the ads were run according to my settings. (I think it was an auto-responder, not a real person, as it was so fast).