Wednesday, November 16, 2011

A way to fix your Facebook account after getting hacked

I'm posting this in response to the recent Facebook hacker attack (read here), in which a compromised Facebook user account was used to spread spam containing porn and other ugly images via the news feed.

Here I am going to explain how your account got compromised and used to spread spam. Understanding how you lost control of it will help you avoid such attacks.

Facebook, as you know, was founded by Mark Zuckerberg and his team of brilliant computer scientists. Hacking the site directly would need some really brilliant hackers as well, probably more intelligent than Zuckerberg's team. Facebook's programming architecture is concealed and cannot be easily exploited. Hackers would have a hard time looking for holes in its code, so a direct approach would seem impossible. However, there is one vulnerability: Facebook Apps, via the Facebook Developers service. You may wonder how this can be used. Facebook Developers is a module that lets third-party developers attach their own code or programs; this is how third-party developers create apps, which range from games to cool profile add-ons. Facebook apps cannot be installed on an account unless you permit it. But once an app is granted certain permissions (i.e. access your profile information, post on your wall, post on friends' walls, etc.), your account can be taken over to a limited extent. This is one of the ways the porn spammers manage to get through.

Other methods include message and post spam containing links to malicious sites. Once on such a site, an unprotected computer can get infected with a computer virus (usually polymorphic in nature). These types of viruses are what we call trojans. Some of these trojans can act as spyware or keyloggers, and they can steal your username and password, thereby directly compromising your account. Another method is called phishing. This method tricks a user into logging into a duplicate Facebook site whose sole purpose is to fish for your username and password.

How to fix and protect your Facebook account?

First and foremost, do not forget to log out of your account, especially when you are using other people's computers. This is a golden rule. Failing to do this can get your account taken over by a total stranger.

Now, here is how to protect your FB account and fix it if it got hacked.

Hijacked Account

A hijacked account is an account taken over by another user. Some hijackers change your password and prevent you from logging into your account. When that happens, you can still ask Facebook to reset your password by clicking the "Forgot your password" link.

Facebook will send you an email containing a link that allows you to change the current account password to a new one of your choosing. This works, of course, provided the hacker hasn't changed your email address. If they have, you may need to contact Facebook support.

Your account sends pornographic images or unwanted posts

Such is the case with the recent Facebook attack. To solve this problem, let's begin with prevention, since it is actually better than cure. To prevent this, do not click on links you can't trust, and do not install weird apps.

Change your Facebook Password

In case you already got compromised, the first thing to do is to change your Facebook password. Do not reuse a password you already use elsewhere, and avoid passwords that are easily guessed.

To change your Facebook password:
  1. Find your account settings
  2. Edit your password

Remove unwanted Facebook apps

As previously explained, once an app is granted permission to post on your wall or a friend's wall, it will be able to do so without asking you again. If you think an app has been causing you problems, remove it or block it.

To remove an app:
  1. Click at the top right of any Facebook page and choose Account Settings.
  2. From the menu in the left column, select App Settings or Apps.
  3. Click the app you'd like to remove, then click the Remove app link. Once you confirm you'd like to remove the app, it will no longer have access to your data. It will be removed from your profile (timeline), bookmarks, and your Apps and Games home page dashboards.

Get an antivirus and scan your PC

OK, so now you've done everything on the Facebook side, and yet they keep coming back to take over your account? If this is the case, then I strongly suspect that you have some malware on your computer, be it a keylogger, a trojan, or some other type of virus. In this case, what you need is an antivirus. There are plenty of good antivirus products out there, e.g. Microsoft Security Essentials, Nod32, Kaspersky, Norton, Avast, Avira, etc. However, I do not recommend installing one on a PC that has already been compromised, as some viruses are smart enough to infect the antivirus itself. I recommend running it from outside the infected operating system; antivirus emergency (rescue) disks may work for this. Make sure that your PC is thoroughly cleaned; you may need an expert for this job.
