RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Facebook Messenger

Product
Developers: Facebook
Last Release Date: 2020/11/23
Branches: Internet services

Content

Main article: Instant Messenger (IM)

Audience

2018: Daily and monthly audience in Russia

Data for 2018

2017: Monthly audience - 1.2 billion

Facebook announced in April 2017 that the monthly audience of its Messenger reached 1.2 billion people. This despite the fact that access to Facebook and its products is closed in the most populous country in the world - China.

Thus, the messenger of the most popular social network in the world caught up with the number of WhatsApp users. The Instagram audience messenger from Facebook now exceeds exactly twice.

It is noteworthy that all three products now belong to Facebook.

The monthly audience of Facebook itself exceeds 1.8 billion people. In Russia, Facebook with a monthly audience of 14.5 million people is inferior in popularity to Vkontakte (87 million), Odnoklassniki (73 million), Instagram (18.5 million) and My world (16 million).

2021: Group-IB recorded an attack on Facebook users in 84 countries

On April 20, 2021, Group-IB announced that it had warned Facebook of a large-scale attack on Facebook Messenger users in 84 countries, including Russia. Group-IB Digital Risk Protection experts found 5,700 fraudulent advertising publications and about 1,000 fake social network profiles that were used in this scheme.

The number of Facebook Messenger users in April 2021 in the world exceeds 1.3 billion, and about 2.7 billion people use the social network itself. Not surprisingly, fraudsters show increased interest in Facebook and try to use all new ways to steal accounts. data

For the first time, Group-IB Digital Risk Protection experts recorded a fraudulent scheme in the summer of 2020 - attackers distributed links to download a non-existent Facebook Messenger "update." In April 2021, the number of fake Facebook posts offering to install the "last update" of the messenger reached 5700. Users from 84 countries of the world, including Russia, Europe, Asia, the MEA region, the Americas, were attacked .

To put to sleep the vigilance of users, fraudsters used in the accounts from which messages were distributed, names consonant with the messenger: Messanger, Meseenger, Massengar, etc., and as an avatar they downloaded the official icon of the application. The advertising publications themselves spoke about the additional functions of the messenger, in which both real and fictional ones - for example, they offered to download a non-existent Gold version of the messenger.

The message itself contained a short link created using the services linktr.ee, bit.ly, cutt.us, cutt.ly, rb.gy, however, after going through it, users got to the phishing site with a fictitious form for. As authorizations a result, the victim risked losing access to his account, as well as "merge" other ones - personal data the number and. phone In the e-mail future, they can be used by cybercriminals for extortion, mailing or spam sold on forums hacker.

Image:Фейсбук мессенджер.png
Fig. Fraudulent Facebook Ad
File:Aquote1.png
Attackers not only skillfully play on human feelings - curiosity, fear, thirst for profit, but also use technology to promote, circumvent moderation and disguise their fraudulent schemes, "warns Andrei Busargin, deputy general director of Group-IB in the direction of Digital Risk Protection. - In order to identify these schemes and protect users, brands must be several steps ahead of attackers, identify and block the entire fraudulent chain - from start to finish, and digital risk protection solutions can become a "silver bullet" in this case.
File:Aquote2.png

A study of the fraudulent scheme with Facebook Messenger was carried out using the Group-IB Digital Risk Protection platform. Thanks to the use of neural networks, artificial intelligence and automated graphical analysis of data on cyber threats Group-IB Threat Intelligence & Attribution, the DRP system allows you to monitor the infrastructure of fraudsters in real time and eliminate it even at the stage of preparing attacks.

In order not to become a victim of fraudsters, Group-IB recommends that users download applications and updates only from official mobile app stores, and trust only verified company accounts from which advertising publications are sent.

2020

Fix a vulnerability that allows you to spy on Android users

Facebook has fixed a critical vulnerability in the Facebook Messenger messaging application for Android. This became known on November 20, 2020. Its operation allowed callers without permission to listen to the environment of other users before the subscriber at the other end answered the call.

Attackers could take advantage of this problem by sending a special type of message, known as SdpUpdate, that would force the call to connect to the called party's device before it was answered.

File:Aquote1.png
If this message is sent to the called device during a call, it immediately begins sound transmission that allows the malefactor to overhear an environment caused, - Natalie Silvanovich from Google Project Zero explained.
File:Aquote2.png

The problem was discovered in the version of Facebook Messenger for Android 284.0.0.16.119 in October 2020. Silvanovic also provided Python-based PoC code for exploiting the vulnerability to reproduce the problem in the Project Zero error tracking system.

To automatically connect a call, the PoC code for exploiting a vulnerability includes the following steps:

  • Waiting for the quotation to be submitted and saving the sdpThrift field from the quotation;
  • Send a message SdpUpdate with a target sdpThift;
  • Sending a fake message SdpAnswer the attacker to make the device believe that the call was answered and play the incoming sound.

File:Aquote1.png
To take advantage of this problem, an attacker must already have permissions to call a particular person, bypassing certain compliance checks (for example, friendship on Facebook). He will also need to use reverse design tools to manipulate his Messenger application and force him to send a casual message, "Silvanovich explained. [1].
File:Aquote2.png

Express Checkout Availability TalkBank

On August 10, 2020, the company TalkBank announced the launch of an instant transfer service by phone number in instant messengers.

According to the company, the fast payment system TalkBank for August 2020 is available to users of five messengers: WhatsApp, Telegram, Viber, Vkontakte, Facebook. You can make translations even with the help of Alice's voice assistant. More details here.

Facebook will add facial recognition to Messenger

Facebook plans to add facial recognition to Messenger, giving users a new level of protection against unauthorized access to correspondence.

An early version of this feature was discovered by[2], Hong Kong security researcher Jane Manchun Wong in the Facebook Messenger app. According to her, the function works the same way as biometric security systems in the messenger WhatsApp[3].

Users will be able to activate face-to-face authentication and choose when to enable blocking - 1 minutes, 15 minutes, or 1 hour after they exit Messenger.

File:Aquote1.png
"When facial recognition is enabled, users will need to use Face ID to unlock the application. They will still be able to read messages from notifications and answer calls if the app is blocked. Face ID is not transmitted or stored on Facebook, "the feature description says.
File:Aquote2.png

Face ID so far uses the same name as Apple's facial recognition system in iPhone X and newer models. Facebook is likely to change its name before this feature is available to all users.

2019

Peer-to-peer P2P payment option will be removed due to non-demand

In April 2019, it became known that the Facebook Messenger payment service would close due to non-demand. The decision of Facebook from June 15, 2019 to remove the option of peer-to-peer (P2P) payments from its messenger in the UK and France is caused by the low popularity of the service among consumers. This conclusion follows from the data provided by the analytical company GlobalData.

Then it became known that the company is going to shift its attention to payment solutions based on other principles of operation.

As a reason for FB's refusal to support the payment service in the messenger, the company GlobalData calls its low demand by consumers. And this despite the warm welcome given to him by large banks in the UK at the time of its launch in 2017.

A GlobalData analytical study of the retail banking sector Retail Banking Insight Survey 2018 revealed that mobile and online banking remain the most popular among consumers. They are followed by telephone service and personal visits to bank offices, and the instant messaging system is practically not used.

File:Aquote1.png
On paper, conducting banking through Facebook looks like a useful innovation. In reality, the functionality offered here is significantly inferior to other channels, which does not add to its popularity. Both mobile and Internet banking offer a wider range of operations. Users, as a rule, are in no hurry to give up their preferences. And this should be taken into account by banks when determining their sales strategy[4].
File:Aquote2.png

"Chats" are returned

Facebook can again make the functionality of the Messenger application part of the main social network application. The researcher Jane Manchun Wong reported about it in April, 2019 in Twitter social network, having put the corresponding screenshot. It is assumed that the merger in question will occur before the merger of WhatsApp, Instagram and Messenger into one platform, which the company plans[5].

After integration, the Messenger button will be saved in the Facebook application, but when you click on it, instead of starting a separate application, a new Facebook section called "Chats" will open. This section will contain a limited set of features that are present in Messenger - you can send and receive messages there.

To make calls, share photos and send reactions to a message, you will need to open Messenger itself. At the same time, both applications - Facebook and Messenger - will continue to exist.

A screenshot of Wong shows the new design of the Facebook application, made in white. For the first time, this design decision became known in January, and in March the first photos appeared. This Facebook design is very similar to the current appearance of Messenger, also in white, which the company made available to a wide audience in early 2019.

2018: Facebook messenger is recognized as the most unsafe

The analytical department of Artizio (part of the LANIT group of companies) on November 26, 2018 published a list of 20 messengers capable of providing a high level of privacy. The rating was compiled based on the results of comprehensive testing of programs, while the quality of data encryption and the reliability of information protection tools were key criteria in the formation of the final expert assessment, Artezio representatives told TAdviser. Experts recognized the messenger from Facebook as the most unsafe for keeping confidential correspondence . More details here.

2017: Group Payments

Since April, sending or receiving money through Messenger, through Android and desktops, is available to groups of people. Previously, such payments could only be made between two users.

According to Facebook, when calculating jointly, the user needs to go to a new or already started conversation in the Messenger group and make a payment. Then click on the plus sign in the lower left corner of the group conversation to display the menu of additional features, and the payment icon ($). Then choose who to send or who to request money. You can select all or only some members of the group. Then enter the amount you plan to request from a person or the total amount to split it equally among all, including or excluding yourself. Finally, you can specify what purpose the money is intended for. It can be a party organization, a gift to a teacher or another. When you are done, click Query.

In order to monitor payments as easily as possible, a notification will appear in the group conversation showing who paid. At any time, you can also actually view the query data in full screen mode.

In addition, in Messenger, a person does not need to remember a password. His debit card data remains safe and sound, and the service is completely free. Messenger payments are currently available in the United States.

2016

Group video chats

Facebook announced at the end of 2016 the launch of group video chats in its messenger: up to 50 users can participate in such chats simultaneously[6]

In the process of communicating with participants in a video meeting in FB Messenger, such means of additional interaction with interlocutors as "hyphens," emojis, stickers and selfie masks are available.

When connecting to a chat, each user sees only up to six people on a divided screen. If the meeting involves more participants, only the most active of them will be shown.

Encrypt messages on user devices

In the fall of 2016, Facebook Messenger launched a "secret" mode, which involves encrypting messages on users' devices. Thanks to this, no outsider can read messages - even Facebook itself. To enable encryption mode, you need the latest version of the application. It is not enabled by default for all contacts, it must be selected separately for each contact - as in Telegram. In WhatsApp, this mode works by default for all[7].

Notes