Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Installed facebook app on phone & within 5hr.s it bot spammed all friends :/

D

debudebu

macrumors regular
Original poster
Dec 13, 2008
148
5
I deleted it off my phone and changed facebook password on web, should I be worried about the hole phone being compromised, and what other precautions should I take? thanks
 
I use flash block and noscript in Firefox and don't go to sketchy sites really so I'm pretty sure it was the mobile version.
Also, the bogus messages/links were sent from "Facebook mobile" and I'd just installed it 24hr.s prior.

I've posted in their iphone app forum and am waiting to hear back, I'll update hear with any more info. In the meantime anyone else with ideas knowledge or insight on this I'd like to hear it. :cool: thanks
 
I consider this HIGHLY unlikely.

What reason do you have for thinking this? You made a very tall claim then didn't explain what happened even a little bit.
 
Small White Car said:
I consider this HIGHLY unlikely.

What reason do you have for thinking this? You made a very tall claim then didn't explain what happened even a little bit.
Click to expand...

I got messages from Facebook friends today about the spam I'd sent them, so I looked in my sent messages and sure enough there were about 400 e-mails with links to various sites (no doubt from a bot)
Like I said about I use Noscript and firefox so I'm pretty sure the compromise wasn't from the web. The messages were sent from Facebook mobile as well, so how is this a tall claim?
 
debudebu said:
I got messages from Facebook friends today about the spam I'd sent them, so I looked in my sent messages and sure enough there were about 400 e-mails with links to various sites (no doubt from a bot)
Like I said about I use Noscript and firefox so I'm pretty sure the compromise wasn't from the web. The messages were sent from Facebook mobile as well, so how is this a tall claim?
Click to expand...

It is far more likely you logged into facebook on a computer that had a facebook keylogger spyware on it and that is how it got your password (yes very common now) or had a unsecure password.

There is no way it would of gotten it from an iPhone app, apple controls what you can install, so if it was from the app it would be wide spread. The facebook 'mobile' tag is just dependent on the webbroswer type and that is easy for bots to spoof, and most do, to cause more confusion.
 
debudebu said:
I deleted it off my phone and changed facebook password on web, should I be worried about the hole phone being compromised, and what other precautions should I take? thanks
Click to expand...

Sorry. I doubt it. Probably you got phished, keyloggered, or a bot brute forced your password because it was easy.
 
debudebu said:
I got messages from Facebook friends today about the spam I'd sent them, so I looked in my sent messages and sure enough there were about 400 e-mails with links to various sites (no doubt from a bot)
Like I said about I use Noscript and firefox so I'm pretty sure the compromise wasn't from the web. The messages were sent from Facebook mobile as well, so how is this a tall claim?
Click to expand...

Noscript and/or Firefox do not stop you from entering your password into a phishing site. Or having an unsecure password.
Or clicking on a link that someone else sent you that you trusted.
 
Need more information:

Did you install the official facebook app on to your unjailbroken phone?

Did the ~400 email messages originate from your phone or other computer?

What mail service was it?

It seems so unlikely yours would be the only story of this on an app that has been downloaded a few million times
 
fair play on the comments, a few of you shed some light on it. It very well could have been brute forced by a bot. Also, the spoof of it coming from "facebook mobile app" seems plausible too. And lastly, it could be because my phone IS jailbroken, but I'm only running backgrounder and proswitcher.

was a bit of an emo-post that I should have thought more logically about before posting, but it pissed me right off at the time! :rolleyes:

Trying to narrow it down to what the source was...
 
First off, if you connect to an unsecured network and haven't changed your password on your OpenSSH, then you were highly likely compromised. Second, a lot of bot scripts use the mobile version of facebook as it takes less bandwidth and loads much quicker, so that's probably why they all originated from the "mobile" facebook.

~Switz
 
Switz213 said:
First off, if you connect to an unsecured network and haven't changed your password on your OpenSSH, then you were highly likely compromised. Second, a lot of bot scripts use the mobile version of facebook as it takes less bandwidth and loads much quicker, so that's probably why they all originated from the "mobile" facebook.

~Switz
Click to expand...

~Switz

Very helpful thanks.
it seems that blackra1n doesn’t install SSH by default, so this shouldn't be a problem if I used blackra1n to jailbreak, BUT I'd installed the OpenSSH package from Cydia and had it running for weeks before I uninstalled.

This is likely the source. I changed my password with terminal, should I do anything else to safeguard now? Thank you
 
Another possibility is that you installed an app on Facebook that was malicious. The iPhone app is legit from Facebook, but the apps are not.
 
debudebu said:
This is likely the source. I changed my password with terminal, should I do anything else to safeguard now? Thank you
Click to expand...

Just make sure you did both the root and the mobile passwords. My friend had only changed one and got hacked a few days later, but I'm not sure which one he changed
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back