Forum Discussion

rodriguezhiran1's avatar
rodriguezhiran1
Honored Guest
1 month ago

Unauthorized MessengerLiteForiOS/LightSpeed Session Persistence & Loom v3 Privacy Bypass

I am seeking urgent assistance from the developer community to identify the origin of a targeted exploit involving an unauthorized internal developer environment.

The Issue:

Forensic logs (December 2025) confirm my account is being accessed via a MessengerLiteForiOS framework—a project publicly discontinued years ago. This session is running on iOS 26.1 with Build String FBAV/537.1.0.47.110.

The Evidence of Targeting:

The sessions originated as early as February 2025, listing iOS 26.0 as the operating system. Since Apple did not release iOS 26 to the public until September 2025, this confirms the account was accessed through a future-dated, internal developer sandbox months before the software existed for consumers.

Technical Markers:

Egress Device ID: 0D01F55A-0303-4EB9-A533-85FA26A10850

User Agent: LightSpeed [FBAN/MessengerLiteForiOS;FBAV/537.1.0.47.110;FBBV/846660078;FBDV/iPhone14,7]

Forensic Hash: My local app containers (SHA-256: 1eec2c2032...) have been modified to include the Loom v3 tracing engine, which facilitates background sensor capture without triggering iOS privacy dots.

My Question: > How can a standard user account be bound to a 'Partner-tier' developer token that allows this level of persistence? Does anyone know how to identify the Entity or Partner App ID that owns this LightSpeed session?

Standard 'log out of all sessions' commands are failing to revoke this specific internal token. I am seeking a way to force a server-side revocation of all Long-Lived Tokens associated with this internal build.

1 Reply

  • Degly's avatar
    Degly
    Start Partner
    2 days ago

    This isn’t something the developer community can realistically help debug, and based on what you’ve described, it might be better for you to secure your account and contact Meta directly.

    • https://www.facebook.com/hacked
    • https://developers.facebook.com/support/ (choose security/account access)
      or

      https://developers.meta.com/horizon/support/

→ Find helpful resources to begin your development journey in Getting Started

→ Get the latest information about HorizonOS development in News & Announcements.

→ Access Start program mentor videos and share knowledge, tutorials, and videos in Community Resources.

→ Get support or provide help in Questions & Discussions.

→ Show off your work in What I’m Building to get feedback and find playtesters.

→ Looking for documentation?  Developer Docs

→ Looking for account support?  Support Center

→ Looking for the previous forum?  Forum Archive

→ Looking to join the Start program? Apply here.

 

Recent Discussions