|FaceBook Wall Hack|
I've seen it in action, info?
| 7:52 pm on Jul 4, 2010 (gmt 0)|
So a trusted friend sends me a link to an Acai berry spam site. This is not typical of this person. I went to her location, and many - not all - of her friend's walls have been posted to with the same ad.
I found various resources about the wall hack, none of them definitive, the most common causes being phishing, games with malware payloads, or possibly the security breaches as far back as '08.
We still have access to her account, this person is Phish-wise, and doesn't not mess with FaceBook games. We were able to change her password, and did so . . . then began deleting the posts from her friends' walls. During this time, 6 more appeared. It wasn't until we walked through the process FaceBook offers, which disables the account, does several verifications, etc., that the wall posts stopped.
Does anyone have any further info on possible causes and prevention of the wall hack, or is just anyone on FB vulnerable to it?
| 3:36 am on Jul 7, 2010 (gmt 0)|
Anyone have a clue?
| 4:12 am on Jul 7, 2010 (gmt 0)|
Sounds as if they've been infected by a virus. Koobface might be the culprit...
| 5:12 pm on Jul 7, 2010 (gmt 0)|
While I won't say that's wrong, I'll say it's fairly unlikely, this person is a bit too web wary to install *anything* and we did do a scan of all systems. I mean, she calls/emails me with "FireFox wants me to update, should I?" :-)
| 9:23 pm on Jul 7, 2010 (gmt 0)|
I did a lenghty search and a virus or a hacked account were the only explanations I could find. What AV software are they using? And are they using WIFI? If so how secure is it?
| 12:36 am on Jul 8, 2010 (gmt 0)|
I couldn't find anything either, but found most explanations leading to phishing or the data breaches way back (which IS a possibility, she hadn't changed her pw in quite some time.) Grisoft AVG which has Koobface in it's definitions (checked,) hard wired 256 K DSL, also did a spybot and AdAware cleanse for good measure, what I'd call a "low risk" user, uses it only for working operations and no major security passes through it.
I guess if I found out how they do this kind of hack other than the obvious, I could figure out how to prevent it.
| 4:20 am on Jul 8, 2010 (gmt 0)|
Are they running decent third party software firewall (not bundled non-sense or Windows firewall) monitoring in/outbound trafic? I find they're a good means of backing up the validity of an AV client...