Welcome to WebmasterWorld Guest from 107.20.34.173

Forum Moderators: rogerd

Message Too Old, No Replies

FaceBook Wall Hack

I've seen it in action, info?

     

rocknbil

7:52 pm on Jul 4, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



So a trusted friend sends me a link to an Acai berry spam site. This is not typical of this person. I went to her location, and many - not all - of her friend's walls have been posted to with the same ad.

I found various resources about the wall hack, none of them definitive, the most common causes being phishing, games with malware payloads, or possibly the security breaches as far back as '08.

We still have access to her account, this person is Phish-wise, and doesn't not mess with FaceBook games. We were able to change her password, and did so . . . then began deleting the posts from her friends' walls. During this time, 6 more appeared. It wasn't until we walked through the process FaceBook offers, which disables the account, does several verifications, etc., that the wall posts stopped.

Does anyone have any further info on possible causes and prevention of the wall hack, or is just anyone on FB vulnerable to it?

rogerd

3:36 am on Jul 7, 2010 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Interesting, rocknbil...

Anyone have a clue?

hugh

4:12 am on Jul 7, 2010 (gmt 0)

5+ Year Member



Sounds as if they've been infected by a virus. Koobface might be the culprit...

[symantec.com ]

rocknbil

5:12 pm on Jul 7, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



While I won't say that's wrong, I'll say it's fairly unlikely, this person is a bit too web wary to install *anything* and we did do a scan of all systems. I mean, she calls/emails me with "FireFox wants me to update, should I?" :-)

hugh

9:23 pm on Jul 7, 2010 (gmt 0)

5+ Year Member



I did a lenghty search and a virus or a hacked account were the only explanations I could find. What AV software are they using? And are they using WIFI? If so how secure is it?

rocknbil

12:36 am on Jul 8, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I couldn't find anything either, but found most explanations leading to phishing or the data breaches way back (which IS a possibility, she hadn't changed her pw in quite some time.) Grisoft AVG which has Koobface in it's definitions (checked,) hard wired 256 K DSL, also did a spybot and AdAware cleanse for good measure, what I'd call a "low risk" user, uses it only for working operations and no major security passes through it.

I guess if I found out how they do this kind of hack other than the obvious, I could figure out how to prevent it.

hugh

4:20 am on Jul 8, 2010 (gmt 0)

5+ Year Member



Are they running decent third party software firewall (not bundled non-sense or Windows firewall) monitoring in/outbound trafic? I find they're a good means of backing up the validity of an AV client...
 

Featured Threads

Hot Threads This Week

Hot Threads This Month