UK Facebook Hacker Jailed For 8 Months



It’s a pretty harsh sentence if you ask me, especially since Facebook decided in July 2011 to start paying bug bounties.

I have to say though, this guy must be a pretty talented hacker to break into the Facebook servers – they aren’t exactly low-hanging fruit. I’d imagine they are some of the most hammered servers in the world (especially by script kiddies).

Sadly, however talented he is, or whatever his intention was in reality – what he did was illegal and he can be punished (fairly harshly) for it.

A York-based software development student has been sentenced to eight months in jail for hacking into social networking site Facebook, including three of its servers, from his bedroom.

According to the BBC, Glenn Mangham, 26, had admitted to hacking into Facebook between April and May 2011.

Mangham used an ethical hacking defence, saying that after he showed search engine Yahoo how it could improve its security, he wanted to do the same for Facebook.

Yahoo had “rewarded” Mangham (with GBP7,000) for revealing its vulnerabilities previously, his lawyer Tom Ventham said.

However, prosecutor Sandip Patel said that Mangham had acted “with determination, undoubted ingenuity and it was sophisticated, it was calculating”.

Patel told London’s Southwark Crown Court that Mangham had “unlawfully accessed and hacked” into Facebook’s website and its computers from his bedroom in Yorkshire, and then downloaded “invaluable” intellectual property onto an external hard drive.

It’s not the first time Facebook has been hacked or security issues have surfaced, but it is the first time I recall someone being jailed for it. Facebook security hasn’t always had the best reputation – remember not long ago – Facebook Attachment Uploader Owned By A Space.

Yah that wasn’t a flaw that could be leveraged to hack Facebook itself, but it was a demonstration of some of the sloppy coding involved in Facebook.


Judge Alistair McCreath said that Mangham’s actions were not “just a bit of harmless experimentation” – despite acknowledging that Mangham had never intended to pass on the hacked information nor make any money from it.

“You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance.

“You and others who are tempted to act as you did really must understand how serious this is.

“The creation of that risk, the extent of that risk and the cost of putting it right mean at the end of it all, I’m afraid a prison sentence is inevitable,” McCreath said.

Prosecutor Patel said that Facebook spent $200,000 (GBP126,108) on investigating Mangham’s hacking.

A spokesperson for the social network said that personal user data was not compromised by the breach, and added: “We take any attempt to gain unauthorised access to our network very seriously, and we work closely with law enforcement authorities to ensure that offenders are brought to justice.”

No one is publishing exactly what the hack was, how he got in, or even what data he got access to – but Facebook are taking it seriously so I imagine it was an important part of their infrastructure.

But they state no personal user data was compromised, so I’m not exactly sure what he got hold of.

Source: Network World

Posted in: Exploits/Vulnerabilities, Legal Issues, Web Hacking





2 Responses to UK Facebook Hacker Jailed For 8 Months

  1. jeff Hopkins February 22, 2012 at 4:31 pm #

    If he was good we wouldn’t be having this conversation, and he wouldn’t be in jail… that’s when you know you’re good, lol

  2. xxx_crypto_xxx February 24, 2012 at 12:02 am #

    I’ve been a long-time friend of his. He goes by the name gammaray. What he found out about Yahoo is published. As http://www.exploit-db.com/author/?a=948 ( A Post-mortem of Yahoo! Account Security )

    He was in the middle of writing the same document for Facebook when he got arrested June 2nd 2011. This is why there hasn’t been anything published.

    It was stated in an article that he acquired a “security key” of some type.

    This key most likely had something to do with the user database. ( I’m guessing )

    Knowing his work in the past. He does not publish anything until he fully gains control. Then submits his report.

    Thanks for your time,
    Crypto