Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 11th, 2009

Protesters Hijack Hundreds of Facebook Groups, Pointing Out Weakness In Social Networks

Hundreds of Facebook groups have been hijacked in recent days by users pointing out what they say is a weakness in how the social-networking site handles the administration of its groups. By Tuesday morning, 286 groups had apparently been renamed Control Your Info and had a new message posted to their walls.

“Hello, we hereby announce that we have officially hijacked your Facebook group,” the message reads. “This means we control a certain part of the information about you on Facebook. If we wanted we could make you appear in a bad way which could damage your image severly [sic].”

According to Control Your Info, when Facebook group administrators step down, anyone else can take over their duties — giving them access to members’ personal information, the ability to send messages to all members of the group and the authority to make changes to that group.

“For example we could rename your group and call it something very inappropriate and nasty like ‘I Support Pedophiles’ Rights,’ ” the message continued. “But have no fear. We won’t.”

Among the groups renamed “Control Your Info” on Tuesday were a “Twilight” fan group, supporters of a high school football team and patrons of a Virginia winery.

In a statement, Facebook said no confidential information has been placed at risk.

“The groups in question have been abandoned by their previous owners, which means any group member has the option to make themselves an administrator in order to continue communication to the group. Group administrators have no access to confidential information and group members can leave a group at any time,” said a Facebook spokesperson.

“For small groups, administrators can simply edit a group name or info, moderate discussion, and message group members. The names of large groups cannot be changed nor can anyone message all members.

“In the rare instances when we find that a group has been changed inappropriately, we will disable the group,” the spokesperson said.

The names of two Facebook users who have posted Control Your Info messages after group takeovers — Janis Roukkos and Bella Roregit — did not appear to have active Facebook accounts by mid-morning Tuesday.

A message on Control Your Info’s Web site blamed Facebook for shutting down the group’s fan page. Members of the group could not be reached for comment Tuesday.

The group, which offered only a YouTube account as contact information, disagreed with calling what it had done “hacking.”

“This isn’t some kind of scare tactics, nor is it a hack, it’s a feature that can be used, and is being used, in bad ways,” the post reads. “Remember, control your info! Also, this project is strictly not for profit and done for a good cause.”

The group’s site contains pages of tips on protecting social-network users’ private information.

Not all members of the groups that were hijacked were taking the stunt in the spirit it was apparently intended.

“It’s pretty inappropriate and [expletive] you hijacked a facebook group for Palestinian rights to selfishly promote your little conspiracy theory page,” one user wrote. “I reported this to facebook and others should too.”

Credit: Technology News

Share this item with others:

More on CyberInsecure:
  • 30 Percent Of New Major Social Networks Accounts Are Fraudulent
  • Web Sessions Over Protected Wireless Networks Can Be Hijacked With An Android App
  • Botnet’s New Component Imitates Human Facebook Users
  • Facebook Mobile API XSS Vulnerability Used To Launch Spam Worm
  • Facebook Urges Public Exposure In ‘Privacy’ Revision

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Protesters Hijack Hundreds of Facebook Groups, Pointing Out Weakness In Social Networks

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.