New Facebook Messenger Hack Revealed, Voice Messages Can be Stolen [Video]

Facebook messenger hack

A newly discovered hack by a security researcher allows hackers to implement a Facebook Messenger hack and easily access your Facebook voice messages and download the files.

If you really hate typing a long message, you can record and send your voice message to your contacts. It’s a great convenience but it can also be extremely risky, depending on the nature of the messages you send.

How is the Facebook Messenger Hack So Easy?

The problem is with Facebook’s CDN, or content distribution network. When you record and send a voice message on Facebook Messenger, the audio file gets transmitted to Facebook’s CDN servers, where it is then made available to the receiver as well as yourself.

According to the Egyptian security researcher Mohamed A. Baset, who discovered the Facebook Messenger hack, there is a “lack of proper authentication and HSTS policy on Facebook’s CDN servers.” Due to this flaw, the actor (hacker) can now implement what is called an MITM attack – a Man In The Middle attack – whereby your audio file is exposed. The actor can then listen to the audio file, and with a simple HTTPS to HTTP conversion, can also easily and quickly download the file.

The video below (no audio) shows you just how quickly the hack can be implemented.

That’s the simplest way to explain how the hack works. At this point, the hack appears to work on Facebook Messenger, but it’s quite possible that WhatsApp voice messages are also vulnerable. That’s because WhatsApp’s assets are now owned by Facebook, and the same lack of strong authentication and HSTS policy could have made its way into the servers that WhatsApp uses as well.

How Can I Protect My Voice Messages from the Facebook Messenger Hack?

Sadly, the answer is, you can’t. Until Facebook does something about it, nothing will change. The company’s dev team reportedly sent a response to a query about this new Facebook Messenger hack, but they only said they would shortly enhance the security of their applications. Unfortunately, we don’t quite know what “shortly” means.




For now, the best you can do is avoid sending sensitive or personal information in voice messages.

This next video shows you how another Facebook Messenger hack (patched since then) was discovered last month that would allow actors to access all your Facebook Messenger chat messages.

The above hack was submitted to Facebook through their Bug Bounty program, and was patched shortly thereafter. We don’t know when a patch is coming for this new Facebook Messenger hack for voice messages, but it should be soon. In the meantime, under any circumstances, DO NOT send your Grandma’s secret family recipe over voice message!


Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.

Source