Venturebeat reported not long ago about the social network Friendster experiencing a 40% page view growth rate in May. According to the report, Friendster currently sits in 4th place on the list of popular social networking sites, behind MySpace, Facebook and Hi5. While the growth may be evident, the worms are also multiplying.
This is in reference to the many Friendster accounts plagued by computer worms, as claimed by Friendster staff. Even my own profile was hijacked by these so-called self-replicating computer programs. It is clear that worms exploited the vulnerabilities of Friendster.
I just logged-in. I was dismayed when everything I wrote/posted/designed since I started the account in 2003 vanished into thin air and was replaced by something new. My age was changed to [a much younger] 16, my location from South Dakota to Oregon, and worse, my sexuality to female. After the attack, I posted this in my profile:
"I used to have a very long "about me" section here. On August 28, 2007, at exactly 12:30AM U.S. Central Time, my Friendster account was hijacked! Friendster doesn't have a safe protection for member profiles. Was it a bug or virus that attacked slash hacked slash wrecked my profile and layout? I am not sure which one. What I am certain at this moment is that, my profile is gone."
I contacted them via email and got this reply in two days:
IF YOUR ACCOUNT HAS BEEN “HACKED” WE NEED THE FOLLOWING INFORMATION:
WE NEED THE ACCOUNT ID OR THE PROFILE URL OF THE “HACKED ACCOUNT” :
Please give us as much the following information as possible for the HACKED account:
Account First name:
Account Last name:
Account Email address:
ACCOUNT ID#:
I supplied them the details and requested that my old profile before the attack be restored. The answer came a day later:
Eric:
There was a worm on our site and when it infected a profile it resave the edit profile page. Once that was done the original content was over written. We apologize for this and we've patched that issue as well as moved profile off to a separate domain for them to be served from. If you feel you need to cancel your account I've included cancellation directions.
Log in to your Friendster Account>click “Settings” – upper right of page>scroll to bottom of this “Settings” page and click the blue “cancel” link >follow the instructions on the cancellation page.
We apologize for this problem.
That was it. No way that they can restore my profile. Strange though that they suggested canceling my account instead of writing a new profile.
I may have lost the long profile but, thanks still that my 458 friends are intact. I've decided to keep it and redo it.
I wish Friendster will release a security update to patch this vulnerability sooner if they intend to continue their growth.
Labels: USA Blogging
Continue Reading >>>