Facebook user profiles hacked

Powered by SC Magazine
 

Privacy woes continue to plague Facebook this week following the revelation that a spam campaign is hijacking user accounts and posting messages on the Wall feature of user profiles.

 


UPDATE: For information on the latest attacks on social media sites, see our coverage here:
iTnews - Hacker attacks silence Twitter, slow Facebook
CRN - Attacks on social networking sites fade away
SC Magazine - Twitter, Facebook and LiveJournal attacked


According to security vendor Fortinet, the spam messages link to typical spam sites such as online pharmacy shops, one of which has been sourced to a web host that also serves content for several pill pushing sites.

Fortinet’s Global Security Research Team warned that Wall posts containing links must be handled with care and recommends they should not be followed.

“While hijacked accounts have not been proved to be utilised for anything beyond posting relatively innocuous spam 2.0, it is not a stretch to think that links to drive-by-install malicious sites could be injected at some point,” warned Fortinet.

Users should be wary of phishing attempts when confronted by a login page or upon clicking a link contained in a friend's message, carefully check the login page URL, advised Fortinet.

Facebook's "Wall" feature, allows users to post comments on friends' profiles.

Meanwhile, the co-author of the book ‘Facebook — Now What???’, Jesse Stay revealed in a blog post last week that the incident may be linked to an application on Facebook known as Secret Crush.

Stay wrote that the application installed Spyware on peoples’ computers and Facebook was forced to remove it in January but two months later it still seemed to be wreaking havoc.

“Doing a search for “crush calculator” on Facebook revealed a few groups users have set up to apologise to their friends for someone hacking into their account and sending messages about the “Crush Calculator”.

Additionally, just last week security researchers uncovered a new wave of attacks in which profiles on Facebook were used to post images - in this case the images were of child torture.

According to Fortinet, Facebook has been notified and is looking into the issue.


Facebook user profiles hacked
 
Readers of this article also read...
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1801

Vote
Do you support the abolition of the Office of the Information Commissioner?