Original URL: http://www.channelregister.co.uk/2007/12/17/facebook_hack_attack_lawsuit/
Facebook is suing a Canadian skin-flick firm for trying to hack into its website.
The porno outfit, which trades online under the name SlickCash, along with a number of individuals in Toronto allegedly tried to access Facebook's servers at least 200,000 times over two weeks in June. Istra Holdings Inc., a firm affiliated with SlickCash, is named alongside individuals Brian Fabian and Josh Raskin as defendants in Facebook's amended complaint. The suit also names Ming Wu and six as yet unnamed defendants.
Facebook filed the amended complaint last Wednesday after obtaining court orders forcing ISPs Rogers Communications and Look Communications to divulge subscriber information, the Toronto Star reports (http://www.thestar.com/article/286091).
It's not terribly clear what data was accessed, much less the goals of the alleged attack. Court papers (PDF (http://docs.justia.com/cases/federal/district-courts/california/candce/5:2007cv03404/193531/17/0.pdf)) allege the defendants uploaded scripted commands to a server run by a firm called Accretive to "gain unauthorised access and launch malicious code" on Facebook's site.
Facebook encourages users to post personal information such as birth date, hometown, email address, work details and even phone numbers online. This information is shared with a user's "friends" and, in a lot of cases, other on any network a user cares to join. The social networking utility boasts a membership of 34m users.
Any amount Facebook might hope to gain from this suit is surely outweighed by the damage to its already poor reputation for privacy. More than anything else the lawsuit emphasises that Facebook is an insecure place to post personal information. Since Facebook's business model, such as it is, relies on people coughing up this information, that's hardly a good thing.
SlickCash's alleged actions are also a bit of a puzzle. Experience suggests Facebook users are more than happy to allow access to all sorts of confidential info in return for nothing much more than a game. utility or pair of virtual magic beans. If someone wants user information then writing applications rather than straightforward brute-force hacking might be a more productive approach, you might think. ®
Facebook security hole exposes Paris Hilton's . . . um, pics (25 March 2008)
http://www.channelregister.co.uk/2008/03/25/facebook_exposes_private_pics/
Moroccan IT engineer arrested over fake Facebook account (18 February 2008)
http://www.theregister.co.uk/2008/02/18/morocco_fb_fake_prince/
Facebook checks for Cambridge applicants (11 January 2008)
http://www.theregister.co.uk/2008/01/11/cambridge_facebook_takeup/
Feel the burn: in the aftermath of year's biggest hype (27 December 2007)
http://www.channelregister.co.uk/2007/12/27/2007_hot_air/
Facebook accuses MP of impersonating MP (19 December 2007)
http://www.theregister.co.uk/2007/12/19/mp_facebook_ordeal/
Facebook takes the Captcha rap (13 December 2007)
http://www.channelregister.co.uk/2007/12/13/facebook_captcha_goes_wrong/
Facebook CEO capitulates (again) on Beacon (6 December 2007)
http://www.theregister.co.uk/2007/12/06/facebook_capitulation/
Facebook founder loses court battle to keep personal data offline (3 December 2007)
http://www.theregister.co.uk/2007/12/03/zuckerberg_files/
I'm in privacy trouble ... bitch (29 November 2007)
http://www.theregister.co.uk/2007/11/29/facebook_beacon_fiasco_lessons/
Facebook 'to drop' creeptech ad system (29 November 2007)
http://www.channelregister.co.uk/2007/11/29/facebook_beacon_ditch/
Facebook mounts Tupperware-style ads push (7 November 2007)
http://www.channelregister.co.uk/2007/11/07/facebook_socialads/
Snooping on users Facebook 'staff perk' - claim (29 October 2007)
http://www.channelregister.co.uk/2007/10/29/facebook_staff_snoop/
Facebook promises stronger safeguards (17 October 2007)
http://www.theregister.co.uk/2007/10/17/facebook_agrees_stronger_controls/
Many Facebook users expose all to strangers (14 August 2007)
http://www.channelregister.co.uk/2007/08/14/facebook_user_survey/
Facebook quells fears over code leak snafu (13 August 2007)
http://www.channelregister.co.uk/2007/08/13/facebook_code_leak/
Facebook security glitch exposes user in-boxes (31 July 2007)
http://www.channelregister.co.uk/2007/07/31/facebook/
Senior execs targeted in 'precision' malware attacks (2 July 2007)
http://www.channelregister.co.uk/2007/07/02/personal_malware/
Grifters find rich pickings on social networking sites (17 May 2007)
http://www.channelregister.co.uk/2007/05/17/social_networking_hack_risk/
Social networkers risk losing their identities (4 October 2006)
http://www.channelregister.co.uk/2006/10/04/social_networking_security_survey/
Facebook mods controversial 'stalker-friendly' feature (8 September 2006)
http://www.theregister.co.uk/2006/09/08/facebook_climbdown/
© Copyright 2008