Facebook Security Flaw Let’s Users Hijack Pages From Original Owners

Facebook Flaw

Facebook FlawA strange Facebook security flaw has allowed page administrator to kick off original Page creators from the admin list, thus hijacking the page from an original owner.

The hack was discovered by security blog Naked Security and works by providing new admins with the same administrative rights as the page creator, even though Facebook FAQ clearly notes that the “original creator of the Page may never be removed by other Page admins.”

While that’s the way the program “should” work, the video shown below clearly shows a different type of system in which any administrator can kick out an original admin, even if they are the person who created the page.

According to the Register Facebook FAQ errored in terminology, in any case, the reality of the situation doesn’t match the rights of page owners and administrators.

Here’s the video showing the error: [Read more…]