Welcome to WebmasterWorld Guest from 23.20.184.141

Forum Moderators: rogerd

Message Too Old, No Replies

FaceBook Wall Hack

I've seen it in action, info?

     
7:52 pm on Jul 4, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


So a trusted friend sends me a link to an Acai berry spam site. This is not typical of this person. I went to her location, and many - not all - of her friend's walls have been posted to with the same ad.

I found various resources about the wall hack, none of them definitive, the most common causes being phishing, games with malware payloads, or possibly the security breaches as far back as '08.

We still have access to her account, this person is Phish-wise, and doesn't not mess with FaceBook games. We were able to change her password, and did so . . . then began deleting the posts from her friends' walls. During this time, 6 more appeared. It wasn't until we walked through the process FaceBook offers, which disables the account, does several verifications, etc., that the wall posts stopped.

Does anyone have any further info on possible causes and prevention of the wall hack, or is just anyone on FB vulnerable to it?
3:36 am on July 7, 2010 (gmt 0)

Administrator

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 2, 2000
posts:9686
votes: 0


Interesting, rocknbil...

Anyone have a clue?
4:12 am on July 7, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Jan 10, 2007
posts:145
votes: 0


Sounds as if they've been infected by a virus. Koobface might be the culprit...

[symantec.com ]
5:12 pm on July 7, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


While I won't say that's wrong, I'll say it's fairly unlikely, this person is a bit too web wary to install *anything* and we did do a scan of all systems. I mean, she calls/emails me with "FireFox wants me to update, should I?" :-)
9:23 pm on July 7, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Jan 10, 2007
posts:145
votes: 0


I did a lenghty search and a virus or a hacked account were the only explanations I could find. What AV software are they using? And are they using WIFI? If so how secure is it?
12:36 am on July 8, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


I couldn't find anything either, but found most explanations leading to phishing or the data breaches way back (which IS a possibility, she hadn't changed her pw in quite some time.) Grisoft AVG which has Koobface in it's definitions (checked,) hard wired 256 K DSL, also did a spybot and AdAware cleanse for good measure, what I'd call a "low risk" user, uses it only for working operations and no major security passes through it.

I guess if I found out how they do this kind of hack other than the obvious, I could figure out how to prevent it.
4:20 am on July 8, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Jan 10, 2007
posts:145
votes: 0


Are they running decent third party software firewall (not bundled non-sense or Windows firewall) monitoring in/outbound trafic? I find they're a good means of backing up the validity of an AV client...