How to hack Facebook account is something that almost everyone wants to know – And now, a security researcher has reported to Facebook that Oculus Integration allowed him to hijack Facebook accounts. According to the findings of a security researcher, Oculus app is vulnerable to exploitation because a malicious actor can hack Facebook account by exploiting Oculus integration.

Oculus was established in 2012 and it is most famous for the Oculus Rift Virtual Reality (VR) headset. To provide its users a more ‘social’ experience Facebook acquired Oculus VR in July 2014.

In August 2014, Facebook added Oculus assets to its white hat bug bounty program through which the social network managed to identify various vulnerabilities in Oculus service. Some flaws were of serious nature and a researcher fetched $25,000 for discovering a series of flaws.

Given this vulnerable nature of Oculus VR, web security consultant Josip Franjković decided to probe further into the Oculus app for Windows primarily because it allowed users to link their Facebook account to the app. He identified that using especially designed GraphQL queries, an attacker can easily connect the Facebook account of any user to attacker’s Oculus account.

GraphQL query language was developed by Facebook in 2012. It was, therefore, observed by Franjković that it was possible to hijack Facebook accounts through abusing the social network’s integration with Oculus VR headset. Read more from…

thumbnail courtesy of