Facebook’s Security Team Fighting Battles on Multiple Fronts

There’s been a lot of news about various security challenges Facebook has been fighting recently to protect site integrity, so here’s the latest on all fronts.

1. New Koobface worm variant

Back in August of last year, the “Koobface” worm spread throughout Facebook, tricking users into downloading software that used their login information to post messages on infected users’ friends’ walls in order to propagate itself.

At the time, we detailed the variety of mechanisms and processes Facebook has been developing to both automatically and manually detect and prevent the further spread of Koobface and other worms on Facebook. These measures include:

  1. Facebook is deleting content generated by the worm.
  2. Facebook is blocking Wall posts that contain links to known phishing sites.
  3. Facebook is improving its automated systems to automatically detect abuse on the site more quickly.
  4. Facebook is posting updates on the status of security issues to the Facebook Security Page.
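
The second measure, blocking Wall posts that link to known phishing sites, is the one that is easiest to show concretely. The example below is added here and is not Facebook's code; Facebook has not published how its filter works. It assumes a blocklist of phishing hostnames (the two `.example` hosts are made up for this illustration) and shows the two steps a practical filter needs beyond a substring match: pulling URLs out of free-form post text, and normalizing the host (case, port, trailing dot, `www.`) so that trivial variations of a listed site still match, including subdomains of a listed base domain.

```python
import re
from typing import Dict, List, Optional, Set
from urllib.parse import urlsplit

# Constructed blocklist for this example only; a real deployment would load
# this from a phishing feed. Entries are bare hostnames, lowercase, no port.
KNOWN_PHISHING_HOSTS: Set[str] = {
    "fb-login-verify.example",
    "facebook-security-check.example",
}

# Catches http(s) URLs and bare "www." hosts as they appear in post text.
_URL_RE = re.compile(r"""(?:https?://|www\.)[^\s<>"']+""", re.IGNORECASE)


def normalize_host(url: str) -> Optional[str]:
    """Return the lowercase hostname of a URL found in prose, or None.

    Handles the noise that defeats a naive substring filter: mixed case,
    an explicit port, a trailing FQDN dot, punctuation glued onto the end
    of the link, and a leading "www." that spammers add or drop at will.
    """
    if url.lower().startswith("www."):
        url = "http://" + url
    url = url.rstrip(".,;:!?)")  # punctuation that trails a link in prose
    try:
        host = urlsplit(url).hostname  # already lowercased by urlsplit
    except ValueError:
        return None
    if not host:
        return None
    host = host.rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    return host


def host_is_blocked(host: str, blocklist: Set[str] = KNOWN_PHISHING_HOSTS) -> bool:
    """True if the host or any parent domain of it is on the blocklist.

    Checking parents means a feed entry of "fb-login-verify.example" also
    blocks "login.fb-login-verify.example". The bare TLD is never checked,
    so a list entry like "example" cannot block every site under it.
    """
    labels = host.split(".")
    for i in range(len(labels) - 1):
        if ".".join(labels[i:]) in blocklist:
            return True
    return False


def extract_hosts(post_text: str) -> List[str]:
    """All distinct normalized hosts linked from a post, in order of appearance."""
    hosts: List[str] = []
    for match in _URL_RE.finditer(post_text):
        host = normalize_host(match.group(0))
        if host and host not in hosts:
            hosts.append(host)
    return hosts


def check_wall_post(post_text: str, blocklist: Set[str] = KNOWN_PHISHING_HOSTS) -> Dict[str, object]:
    """Decide whether a Wall post may be published.

    Returns the extracted hosts and the subset that matched the blocklist so
    that a reviewer, or an automated system, can see why a post was held.
    """
    hosts = extract_hosts(post_text)
    blocked = [h for h in hosts if host_is_blocked(h, blocklist)]
    return {"allowed": not blocked, "hosts": hosts, "blocked_hosts": blocked}


# Constructed sample posts in the style the worm and the spam apps used.
SAMPLE_POSTS = [
    "lol u look so funny in this video http://login.FB-Login-Verify.example/video?id=1",
    "check out our new photos at http://photos.example.org/album/3",
    "www.facebook-security-check.example. is saying my account got reported??",
    "http://Facebook-Security-Check.example:8080/login",
]

if __name__ == "__main__":
    for post in SAMPLE_POSTS:
        verdict = check_wall_post(post)
        print("BLOCK" if not verdict["allowed"] else "ALLOW", verdict["blocked_hosts"], post)
```

A filter like this is only as good as its list: a variant that moves to a fresh landing page on a new domain, as the article says the new Koobface version did, passes until the feed catches up. That is why a list of known phishing sites is paired with the other measures above rather than relied on alone.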

This week, however, TrendLabs has reported a new Koobface variant spreading on Facebook. While the approach of the new version is fundamentally the same as the old ones, it uses a slightly different landing page and code base, so defenses tuned to the earlier variant do not catch it immediately. Facebook says that only a "small percentage" of users have been affected by the new worm, and that it is continually working to contain and shut down all malicious attacks.

2. Lawsuit against prominent spammer

In addition to the technical and user interface measures Facebook has been implementing to improve security, it has also been pursuing alleged Facebook spammers and phishers in court.

Last week, Facebook filed a complaint against "Spam King" Sanford Wallace and two others in San Jose District Court, alleging that the defendants violated the CAN-SPAM Act (among other laws) through phishing attacks on Facebook users. MySpace won a $230 million judgment against Wallace last year on similar claims.

Facebook also filed suit against Adam Guerbuez last year for “hijacking users’ accounts” and using them to send embarrassingly spammy messages and wall posts. Judge Jeremy Fogel awarded Facebook $873 million in that case (none of which the company is likely to actually see) last November.

3. Misleading applications shut down

TrendLabs also reported two Facebook applications this week that have violated user trust by sending spammy notifications on users’ behalf:

  • One, called “Error Check System,” misleadingly told users that certain friends were not able to see their profile and that messages needed to be sent to their friends in order to correct it. Of course, this was untrue. Facebook has deleted this application.
  • A second application, called "f a c e b o o k – closing down!!!" spammed all of a user's friends with notifications that misleadingly implied that the user had reported their friends for Terms of Service violations. Facebook also quickly shut down this application.

All in all, Facebook is working on all fronts – spam detection, legal, and platform policy monitoring – to ensure that trust is preserved within the service. Given that over 175 million people use Facebook every month, it's no surprise that spammers are attracted to the site. While only a small percentage of users have been affected by these security threats, Facebook must continue to both enhance its automated systems and educate users about the tactics spammers employ. Preserving user trust is absolutely vital for the future of sharing on Facebook.