Someone accessing my Facebook account bypassing 2FA and notifications of foreign login attempt
You were likely infected with malware that stole your browser's cookies that contain your session tokens for those websites. This would allow them to bypass logging in altogether as those cookies are what the websites use to authenticate you after you logged in.
Changing your password should invalidate the old session tokens. If they still have access to your account they've either added an alternative login method (maybe to do with the phone number they added?) or the malware is still on your system and they were able to get the new tokens when you logged in to your account after changing your password.
59 minutes ago, StoneFire said:PS, they never managed to change my passwords anywhere but I'm sure they were trying as they managed to add a foreign phone number to my facebook while I was already on top of the situation, so they were probably trying to exploit the weak ass security of using text based options.
Most websites require you to type your old password when setting a new password. If they did indeed steal your session cookies then they wouldn't have your password and would be unable to change it.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now