Facebook founder's fan page 'hacking' prompts mystery
It is unclear how the' hack' occurred
Mystery surrounds the apparent hacking of a Facebook page used by fans of the site's founder Mark Zuckerberg.
Overnight, a cryptic message was posted to the page in the name of the 26-year old billionaire founder calling for the site to become a "social business" with investment from its users.
The message has led to suggestions that the the site was hacked or Mr Zuckerberg's account was compromised.
Facebook has so far declined to comment on the incident.
Take down
The message, left in the name of Mr Zuckerberg, read: "Let the hacking begin: If Facebook needs money, instead of going to the banks, why doesn't Facebook let its users invest in Facebook in a social way?
"Why not transform Facebook into a 'social business' the way Nobel Prize winner Muhammad Yunus described it?"
Muhammad Yunus is a Nobel Peace Prize winner and the founder of the Grameen Bank, which offers small loans to people who have no collateral to get started in business.
The message also linked to a Wikipedia article about social business and asked readers: "what do you think?"
In addition, it linked to the Hacker Cup, an annual programming event organised by Facebook.
The post attracted nearly 2,000 comments before it was taken down, but not before technology blog TechCrunch spotted it.
The page, which has nearly three million fans, has also been moved to a new address, according to researcher Graham Cluley of security firm Sophos.
He said that because the site was a public fan page, which are used to promote everything from businesses and products to bands and public figures, it was likely run by Facebook staff.
"It's quite possible that other people than Zuckerberg had access," he said.
"It could have been one of those that got hacked," he said.
The hacker may have got access to the account, he said, via a poorly chosen password or spyware installed on an employee's computer that stole the password.
Walk away
He said the password could also have been stolen when an employee was accessing the unsecured version of the site over an unencrypted wi-fi network.
Last year, a tool called Firesheep was released that that made it easy for anyone sharing an unsecure connection to grab login information for many unsecure sites, including Facebook.
"I can easily imagine that something like that could have happened," said Mr Cluley.
Facebook has just released new tools aimed at shoring up user's accounts against tools like FireSheep, by allowing people to always connect via a secure connection.
However, Mr Cluley admitted that the site may not have been hacked at all and the post may have been made by a disgruntled employee.
"The other possibility is that [Mr Zuckerberg] strode away from his desk for a while and someone grabbed it and typed the message in.
"Although you wouldn't think that would do much for their job prospects".
The incident comes days after the account of French president Nicolas Sarkozy was also hacked to suggest that he was resigning.
"As a general rule this can happen to anyone," said Mr Cluley.
"Just because a person is famous or well known doesn't mean that everything that is posted from their account is legitimate."
Mr Zuckerberg's private account appears not to have been affected.
Credit: BBC (www.bbc.co.uk)
No comments:
Post a Comment