Facebook’s Security Team Fighting Battles on Multiple Fronts

There’s been a lot of news about various security challenges Facebook has been fighting recently to protect site integrity, so here’s the latest on all fronts.

1. New Koobface worm variant

Back in August of last year, the “Koobface” worm spread throughout Facebook, tricking users into downloading software that used their login information to post messages on infected users’ friends’ walls in order to propagate itself.

At the time, we detailed the variety of mechanisms and processes Facebook has been developing to both automatically and manually detect and prevent the further spread of Koobface and other worms on Facebook. These measures include:

  1. Facebook is deleting content generated by the worm.
  2. Facebook is blocking Wall posts that contain links to known phishing sites
  3. Facebook is improving its automated systems to automatically detect abuse on the site more quickly.
  4. Facebook is posting updates on the status of security issues to the Facebook Security Page.

This week, however, TrendLabs has reported a new Koobface variant spreading on Facebook. While the approach of the new version is fundamentally the same as the old ones, it uses a slightly different landing page and code base, making it hard to instantaneously detect. Facebook says that only a “small percentage” of users have been affected by the new worm, and that is is continually working to contain and shut down all malicious attacks.

2. Lawsuit against prominent spammer

sanfordwallaceIn addition to the technical and user interface measures Facebook has been implementing to improve security, it has also been pursuing alleged Facebook spammers and phishers in court.

Last week, Facebook filed a complaint against “Spam King” Sanford Wallace and two others in San Jose District Court, alleging that the defendants broke the CAN-SPAM Act (among other laws) via phishing attacks on Facebook users. MySpace won a $230 million judgment against Wallace last year for similar complaints.

Facebook also filed suit against Adam Guerbuez last year for “hijacking users’ accounts” and using them to send embarrassingly spammy messages and wall posts. Judge Jeremy Fogel awarded Facebook $873 million in that case (none of which the company is likely to actually see) last November.

3. Misleading applications shut down

maliciousappTrendLabs also reported two Facebook applications this week that have violated user trust by sending spammy notifications on users’ behalf:

  • One, called “Error Check System,” misleadingly told users that certain friends were not able to see their profile and that messages needed to be sent to their friends in order to correct it. Of course, this was untrue. Facebook has deleted this application.
  • A second application, called “f a c e b o o k – closing down!!!” spammed all of a users’ friends with notifications that misleadingly implied that the user had reported their friends for Terms of Service violations. Facebook also quickly shut down this application.


All in all, Facebook is working on all fronts – spam detection, legal, and platform policy monitoring – to ensure that trust is preserved within the service. Given that over 175 million people use Facebook every month, it’s no surprise that spammers are attracted to the site. While only a small percentage of users have been affected by these security threats, Facebook  must continue to both enhance its automated systems and educate users about the tactics spammers employ. Preserving user trust is absolutely vital for the future of sharing on Facebook.

Mediabistro Job Fair

Mediabistro Event

Mediabistro Job Fair

Join us on January 27 at the Altman Building in New York City for an incredible opportunity to meet with hiring managers from the top New York media companies, network with other professionals and industry leaders, and land your next job! Register now!


Leave a Reply

2 Responses to “Facebook’s Security Team Fighting Battles on Multiple Fronts”

  1. Tutte le sfide di Facebook sul fronte sicurezza | 8legs says:

    [...] Via | Insidefacebook.com [...]

  2. Why Facebook Is Working with Microsoft to Fight Koobface Virus says:

    [...] a thorough job at dealing with Koobface, both preventively and reactively. As we highlighted, Facebook’s security team has implemented several security measures to stifle the spread of the virus. Those measures include the [...]

Get the latest news in your inbox
interested in advertising with inside facebook?

Social Media Jobs
of the Day

Business Technology Editor

Washington, DC

Assistant Editor

8 Inc.
New York, NY

Editorial Manager

Air Age Media
Wilton, CT

Featured Company

Join leading companies like this one and recruit from the nation's top media job seekers on the Mediabistro Job Board. Every job post comes with our satisfaction guarantee. Learn More

Our Sponsors

Mediabistro A division of Prometheus Global Media home | site map | advertising/sponsorships | careers | contact us | help courses | browse jobs | freelancers | content | member benefits | reprints & permissions terms of use | privacy policy Copyright © 2014 Mediabistro Inc. call (212) 389-2000 or email us