homepage Welcome to WebmasterWorld Guest from 54.226.0.225
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
FaceBook Wall Hack
I've seen it in action, info?
rocknbil




msg:4164410
 7:52 pm on Jul 4, 2010 (gmt 0)

So a trusted friend sends me a link to an Acai berry spam site. This is not typical of this person. I went to her location, and many - not all - of her friend's walls have been posted to with the same ad.

I found various resources about the wall hack, none of them definitive, the most common causes being phishing, games with malware payloads, or possibly the security breaches as far back as '08.

We still have access to her account, this person is Phish-wise, and doesn't not mess with FaceBook games. We were able to change her password, and did so . . . then began deleting the posts from her friends' walls. During this time, 6 more appeared. It wasn't until we walked through the process FaceBook offers, which disables the account, does several verifications, etc., that the wall posts stopped.

Does anyone have any further info on possible causes and prevention of the wall hack, or is just anyone on FB vulnerable to it?

 

rogerd




msg:4165550
 3:36 am on Jul 7, 2010 (gmt 0)

Interesting, rocknbil...

Anyone have a clue?

hugh




msg:4165561
 4:12 am on Jul 7, 2010 (gmt 0)

Sounds as if they've been infected by a virus. Koobface might be the culprit...

[symantec.com ]

rocknbil




msg:4165923
 5:12 pm on Jul 7, 2010 (gmt 0)

While I won't say that's wrong, I'll say it's fairly unlikely, this person is a bit too web wary to install *anything* and we did do a scan of all systems. I mean, she calls/emails me with "FireFox wants me to update, should I?" :-)

hugh




msg:4166103
 9:23 pm on Jul 7, 2010 (gmt 0)

I did a lenghty search and a virus or a hacked account were the only explanations I could find. What AV software are they using? And are they using WIFI? If so how secure is it?

rocknbil




msg:4166199
 12:36 am on Jul 8, 2010 (gmt 0)

I couldn't find anything either, but found most explanations leading to phishing or the data breaches way back (which IS a possibility, she hadn't changed her pw in quite some time.) Grisoft AVG which has Koobface in it's definitions (checked,) hard wired 256 K DSL, also did a spybot and AdAware cleanse for good measure, what I'd call a "low risk" user, uses it only for working operations and no major security passes through it.

I guess if I found out how they do this kind of hack other than the obvious, I could figure out how to prevent it.

hugh




msg:4166275
 4:20 am on Jul 8, 2010 (gmt 0)

Are they running decent third party software firewall (not bundled non-sense or Windows firewall) monitoring in/outbound trafic? I find they're a good means of backing up the validity of an AV client...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved