Facebook Accounts Hijacked by Spammers

According to the statement published on March 31, 2008 by SCmagazine, an Internet security vendor Fortinet warned that in the last week of March, a spam campaign obtained access to the user accounts of Facebook and send messages on the Wall feature of user profiles, continuing the security threats.

Fortinet researchers said that Facebook is looking into this problem. Mostly the spam messages are linked to typical spam sites like online pharmacy shops. This site provides content for many pill pushing sites and they are also sourced to a Web host. The Wall feature of Facebook is used by its users to send comments on profile of their friends.

According to Fortinet, the hijacked user accounts were used for posting innocuous spam 2.0 and not for any other purpose. It also warned that this hijacking can be used to link some drive-by-install harmful sites.

Jesse Stay, the co-author of the book 'Facebok- Now What???', revealed that there is a possibility that this incident is linked to Secret Crush, an application on Facebook. He further added that this application was installed to spyware on users' computers and in January 2008, the company was forced to remove this application but even after two months, it is still creating chaos.

While searching for "crush calculator" on Facebook, it has been found that many users have apologized to their friends for hacking into their account and sending spam messages regarding the calculator.

Jesse Stay also said that due to the installation of Zango application on users' account, the retrieved Facebook data is used by hackers for hacking into the accounts, for posting scraps to user's friend's walls, and for scraping the Wall.

The Global Security Research Team of Fortinet recommended the users that Wall posts with links should be taken care of and these links should not be followed. The users should be cautious when find a clicking link or login page while visiting a friend's message. Fortinet also advised that the user should check the login page URL properly.

Moreover, in the second last week of March 2008, Fortinet researchers found another hacking incident in which Facebook profiles were used to post images of child torture.

Related article: Facebook Users Should be Careful of a Computer Virus

» SPAMfighter News - 4/4/2008