Installed facebook app on phone & within 5hr.s it bot spammed all friends :/

Discussion in 'iPhone' started by debudebu, Feb 12, 2010.

  1. debudebu macrumors regular

    Dec 13, 2008
    I deleted it off my phone and changed facebook password on web, should I be worried about the hole phone being compromised, and what other precautions should I take? thanks
  2. nonocei macrumors member

    Oct 3, 2009
    Los Angeles, CA
    Are you absolutely sure your account wasn't phished through the regular version?

    I Highly doubt your whole phone is compromised though.
  3. debudebu thread starter macrumors regular

    Dec 13, 2008
    I use flash block and noscript in Firefox and don't go to sketchy sites really so I'm pretty sure it was the mobile version.
    Also, the bogus messages/links were sent from "Facebook mobile" and I'd just installed it 24hr.s prior.

    I've posted in their iphone app forum and am waiting to hear back, I'll update hear with any more info. In the meantime anyone else with ideas knowledge or insight on this I'd like to hear it. :cool: thanks
  4. Small White Car macrumors G4

    Small White Car

    Aug 29, 2006
    Washington DC
    I consider this HIGHLY unlikely.

    What reason do you have for thinking this? You made a very tall claim then didn't explain what happened even a little bit.
  5. debudebu thread starter macrumors regular

    Dec 13, 2008
    I got messages from Facebook friends today about the spam I'd sent them, so I looked in my sent messages and sure enough there were about 400 e-mails with links to various sites (no doubt from a bot)
    Like I said about I use Noscript and firefox so I'm pretty sure the compromise wasn't from the web. The messages were sent from Facebook mobile as well, so how is this a tall claim?
  6. Kevlar macrumors 6502

    Apr 5, 2004
    Great White North
    It is far more likely you logged into facebook on a computer that had a facebook keylogger spyware on it and that is how it got your password (yes very common now) or had a unsecure password.

    There is no way it would of gotten it from an iPhone app, apple controls what you can install, so if it was from the app it would be wide spread. The facebook 'mobile' tag is just dependent on the webbroswer type and that is easy for bots to spoof, and most do, to cause more confusion.
  7. skubish macrumors 68030


    Feb 2, 2005
    Ann Arbor, Michigan
    Sorry. I doubt it. Probably you got phished, keyloggered, or a bot brute forced your password because it was easy.
  8. grantsdale macrumors 6502a

    May 11, 2008
    Noscript and/or Firefox do not stop you from entering your password into a phishing site. Or having an unsecure password.
    Or clicking on a link that someone else sent you that you trusted.
  9. djjclark macrumors regular

    Feb 17, 2008
    Need more information:

    Did you install the official facebook app on to your unjailbroken phone?

    Did the ~400 email messages originate from your phone or other computer?

    What mail service was it?

    It seems so unlikely yours would be the only story of this on an app that has been downloaded a few million times
  10. debudebu thread starter macrumors regular

    Dec 13, 2008
    fair play on the comments, a few of you shed some light on it. It very well could have been brute forced by a bot. Also, the spoof of it coming from "facebook mobile app" seems plausible too. And lastly, it could be because my phone IS jailbroken, but I'm only running backgrounder and proswitcher.

    was a bit of an emo-post that I should have thought more logically about before posting, but it pissed me right off at the time! :rolleyes:

    Trying to narrow it down to what the source was...
  11. Switz213 macrumors 6502

    May 26, 2008
    First off, if you connect to an unsecured network and haven't changed your password on your OpenSSH, then you were highly likely compromised. Second, a lot of bot scripts use the mobile version of facebook as it takes less bandwidth and loads much quicker, so that's probably why they all originated from the "mobile" facebook.

  12. debudebu thread starter macrumors regular

    Dec 13, 2008

    Very helpful thanks.
    it seems that blackra1n doesn’t install SSH by default, so this shouldn't be a problem if I used blackra1n to jailbreak, BUT I'd installed the OpenSSH package from Cydia and had it running for weeks before I uninstalled.

    This is likely the source. I changed my password with terminal, should I do anything else to safeguard now? Thank you
  13. outphase macrumors 65816

    Jun 13, 2009
    Parts Unknown
    Another possibility is that you installed an app on Facebook that was malicious. The iPhone app is legit from Facebook, but the apps are not.
  14. ngenerator macrumors 68000


    May 12, 2009
    USG Ishimura
    Just make sure you did both the root and the mobile passwords. My friend had only changed one and got hacked a few days later, but I'm not sure which one he changed

Share This Page