Facebook Hacked By 4chan, Accounts Compromised
So there’s a Facebook screenshot floating around in the Blogosphere depicting a woman with a very embarrassing status, as Mashable naively reports. Truth is, a Christian dating website was compromised by 4chan hackers and they used the information to take over the victims’ Facebook pages.
Screenshots
I’ll get right to it: below are some screenshots of other compromised Facebook accounts, posted by the hackers themselves. Some even have 4chan visibly open in another browser tab within the screenshots (which will open in a new browser window/tab).
Compromised Facebook Account, actually pretty humorous.
[/caption]
Yet another one, this one being pretty twisted.
[/caption]
"Your teeth match your skin!" - hilarious (although cruel)
[/caption]
More 4chan racism
[/caption]
The one that started it all
[/caption]
More about the attacks
The unnamed Christian dating service I mentioned earlier had an exploit in the website that allowed the entire list of usernames and passwords for the site to be exposed. The files were then placed into “christian.txt” (seen in some of the screenshots), then posted on 4chan where they were spread amongst other hackers.
Not for certain, but I believe the use of the same password for both email and the dating service allowed the hackers, armed with the user database contents of the dating website, to enter the email accounts of the victims where they could retrieve a generated password recovery email from Facebook.
If this is the case, then Facebook may not have been the only target of the attacks, although it is certainly the most prominent. You can see Yahoo! email accounts open in background tabs in some of the fuller screenshots, as well as 4chan and the “Christian.txt” file listing the users.
Before we get in trouble…
We don’t condone hacking. I posted the screenshots because I thought I should elaborate the cause of the Facebook photo everyone has been talking about, but other than that I don’t find many of the attackers’ comments very funny, except for a few harmless non-racist comments such as the teeth insults.
In case my educated guess as to the cause of the attack is correct, let me say that I or anybody else here didn’t participate in the attacks. Honestly.
And finally, don’t do this. I’m sure these attacks caused many people a lot of grief, especially the more twisted suicide threats and others that may have caused law enforcement to get involved. It just isn’t funny at all, especially at that point.
That said, I hope everybody knows what really happened with this now. Don’t re-use passwords, and webmasters: sanitize your inputs. That’s all, folks.
Comments (122)
zaza said in August 23rd, 2009 at 6:53 am
if you break into a house where the key lays under the carpet you’re a burglar too… it’s the same thing
but it’s sure funny as hell, it’s pretty clear that it’s fake, and nobody really get’s hurt.
FAKE?? I was there the whole time tared!
How do you know 4chan did this? I see no proof thats what happened it was probably a site like 4chan ex. Ebaumsworld.com Prove that /b/ did it because I doubt they did.
get a brain, morans. it was all over the ebaumsworld forum
User Gravatar
bizlady08 said in August 22nd, 2009 at 8:16 pm
Hey Stephen,
Thanks for the info. What is 4chan exactly? So, these FB accounts were compromised through an unsecured 3rd-party site? I’d hate to think my FB account could be hacked so easily.
Thanks again for taking the time to post this info. Much more insightful than what Mashable posted. In fact, I was easily able to find the FB page “that started it all” through the screen shot. Please X out the friends names to protect their privacy.
LMAO!!!!
All you wanna/b/tards do know that posting here logs your IP if you’re not behind 9001 proxies. phayl hard, newfags, and smell the pixels
Well it’s there own fault for not changing their passwords, eh? I mean, if you have a milkshake, and I have a milkshake, and I have a straw. There it is, that’s a straw, you see? You watching?. And my straw reaches acroooooooss the room, and starts to drink your milkshake… I… drink… your… milkshake!
it was ebaumsworld! not that other site!
IT WAS EBAUMSWORLD, IDIOT
ebaumsworld.com did it
I can’t believe ebaums would blame this on 4chan! We’re not all bad over there!
We did do it
Typical Ebaumsworld. Always doing racist and horrible things
ebaumsworld did this not 4chan.
ahahhahhaha EBAUMSWORLD STRIKE WAS SO PERFECT, IT GOT PASSED OFF AS 4CHAN! HIGH FIVE GUYS, HIGH FIVES ALL AROUND!
Fuck ebaums, we get blamed for all their shit
ebaumsworld has done it again! Stupid hackers from ebaumsworld
DON’T GIVE 4CHAN CREDIT FOR THE WORK OF EBAUMS
WOW fuckin ebaumsworld up to so stupid shit again!
This isn’t a hate crime.
It’s simply the Internet exposing its hypocrites.
These “upstanding” folks, these “good” and “morally correct” Christians, often turn out to be nothing but hypocrites who use their faith to justify their own misdeeds.
Wake the fuck up — just because someone is a victim doesn’t always mean they don’t deserve it.
IT WAS ALL EBAUMS!
we are legion
I feel like someone should warn you that a lot of events like this get foisted off on 4chan despite the fact that they originated in places like BeyondBirthday and even Ebaums, there are boards other than /b/ and they get a bad reputation because of blogs like this.
The press should be made aware of the fact that many of these members of this Christian DATING site also turned out to be MARRIED so who is really at fault here?
..and those 4chan losers got no h4xx0r 5ki115 eb4ums pwnz xt1an a55 everyone knows that
Everyone, don’t believe this! It’s not 4chan! It’s Ebaumsworld, they’re behind this all! All the Ebaums people are sworn not to name Ebaums and EVERYTHING gets blamed on 4chan instead but I got banned, so what do I have to lose now!?! HAHAHAH FUCK THE MODS FUCK EBAUMS
ebaumsworld did this not 4chan.
someone needs to kick his ass
The login list came out about 6 months ago, but Eric Ebaum took it upon himself to post it again the other day, whereupon the accounts were compromised yet again, resulting in the images above.
Just to note, you left that Reverend Bob guy’s phone number unblocked in the images. He’s probably getting a crap ton of phone calls and texts right now.
id welcome them to hack my fb if they were going to write that sort of gold on it….genius
I am 12 and what is this?
How was the Palin hack started by ebaumsworld. Wouldn’t they post the password on ebaums instead of /b/? The top 100 poll, did you even look at the first 21 names? trust me, whatever you think ebaums is capable of doing, the average /b/tard can do just as easily.
@Peddy Bear
OLOLOLOL
nice try
Dude, it wasn’t 4chan who hacked into those poor Christians’ accounts. It was a site called ebaumsworld. Everything bad that’s been happening on the internet was ebaumsworld users’ doing. See the Palin hack, MTV Music Awards Rickroll, TIME Top 100 poll (rigged by ebaumsworld to pin it on moot, a mod on 4chan), and many many more.
Trust me, 4chan users would never do such a thing. They’re incapable of it. Most of them are just overweight 15 year old losers who like pictures of cats and hentai.
Peace.
What is 4Chan?
http://en.wikipedia.org/wiki/4chan
http://encyclopediadramatica.com/4chan
The internet hate machine is at it again…
That is some funny stuff.
Mate, when your censoring images, remove the title bar text…
Hate crime? You’re an idiot. This is hilarity at its best. Getting the cops involved in something like this is like calling 911 because McDonalds shorted you a nugget.
Don’t reuse passwords and this type of shit won’t happen. Idiots.
Oh dear, thank you very much for the biggest laugh I’ve had in some time. I’m in tears.
That’s not hacking, that’s using a dumped list to get the websites stupid “security” to work for them to make the website insecure.
This should be prosecuted as a hate crime if they can track down any involved.
@traitor /b/tard lol they dont give a flying SHlT about some random blog on the internets./b/tards get DDosed all the time and act like nothing happened.
I’m 12 years old and what is this?
I hate 4CHAN, one time it went to my blog and tried to hack it. But I’m pretty good with my MAC so I was able to stop it before it got in.
This happened six months ago, it even made its round on various news sites. It was singles.org that got hacked.
Why bloggers are resurrecting this story as if it happened yesterday is beyond me.
OLD NEWS.
“I honestly wouldn’t know. Like I said, I don’t visit the board, but everything I see originating from it looks like blatant racism at first glance. There may be a meta-joke in there, but I just see racism as one whom doesn’t visit the board let alone understand its jokes.”
You realise you just admitted to being a moron who likes to judge with no supporting evidence, right?
Anyway, that shit is SO cash. But you act like it’s over…
It isn’t.
Dont go to 4chan Or your FB will be hacked too! LOLZ!
This page has been targeted by 4chan.org/b/ for raiding. Most of the comments you will see are lies, deciet, or ‘trolling’. Be warned. Do not follow any links. Do not download any files.
LOL, I love 4chan so much.
I feel kinda bad for those people though… I hope they got things all straightened out.
not a very good job covering things up. see some penis in the NSFW pic and a couple full names.
YAY ANONS!!
nice troll pedros
folks, there is a reason why 4chan is called the internets anus, because its mostly crap, with a couple gold nuggets in it, scaturday was a fine example of it. Also, this yet again proves that the only god online is anonymous
“That said, I hope everybody knows what really happened with this now. Don’t re-use passwords, and webmasters: sanitize your inputs. That’s all, folks.”
You forgot one other big rule for webmasters: Never store the original password in the database! Always do a one-way hash with a salt. This page tells both why and how:
http://www.15seconds.com/issue/000217.htm
There is a mistake in this article. The actual site is called ‘ebaumsworld’ not 4chan. Ebaums is a site filled with over 9000 hackers on steroids, beware! Protect your passwords and use unique ones.
haha that was funny. They kept posting screen shoots. I lulz’d hard. Wheres Donna’s?? hers was the funniest. LONG LIVE /b/! LONG LIVE QUEEN /b/oxxy!
Downvoted for ‘facebook hack’ lie.
Wow, 4Chan ROCKS. The moderators are total WANKERS, but 4chan in general does ROCK!
RT
http://www.web-tools.us.tc
ROFLMAOBBQ I LAUGHED SO HARD AT THAT KKK ONE THAT WAS HILARIOUS! ROFLROFLROFL
if you break into a house where the key lays under the carpet you’re a burglar too… it’s the same thing
but it’s sure funny as hell, it’s pretty clear that it’s fake, and nobody really get’s hurt.
Gahahaha cant believe facebook got hacked…. jk im surprised it took this long. FB are newbs and their security sucks the balls… xtian fags
where exactly is the link on 4chan’s site to see this? that website is unbrowsable…
where are the source files for this?
For the record, I find 4chan absolutely fascinating from a pop-culture stream of consciousness standpoint. /b in particular but at this point they’ve infected pretty much all the high traffic boards over there. /b is the collective. You can ask for anything from still photos of midget porn in b/w to some guys address and some criminal/scriptkiddie/metaracist will make it their lifes mission for the next 20minutes to make it happen. They have been detectives (tracking down that kid who was torturing cats and posting the vids to youtube) pests (staging takeovers of other websites, sometimes for days,for no other reason than to be jerks) softcore porn producers(if you’re into jailbait pictures side by side with a picture of a gaping shotgun wound to the head.)
Its like xbox live. If some 6 year old calls me a homosexual, I can either get all butthurt about it, or I can go on like it doesn’t affect me, which it doesn’t. Either way, at some point you have to make peace with the fact there are millions of stupid people out there, but as a group they can still be relevant. If you can stand to read past the nearly constant profanity, you will find it hard to look away.
Stephen, Don’t you find it at all ironic that you don’t want to publish your last name, yet you’re celebrating the fact that dozens (if not hundreds) of people had their privacy violated?
Thanks for setting up a blog that doesn’t look like total sh!te.
I enjoyed the post as well. Anonymous is spreading well.
Please note that the full name of the individual in the “Your teeth match your skin!” insult is viewable at the top of the image. You may want to edit or remove the image to protect her and yourself.
Really? If you can enter someone else’s password and username that was practically *GIVEN* to you into a input box you’re a “hacker” now?
How can you not support this? With your help it might have blossomed into a much more mature slaughtering of family values.
Just thought I should point out that Anonymous wasn’t the first group to discover the security hole in the Christian dating site Singles.org.
In fact, it was originally discovered by somebody named Jenn from ThisIsARecoding.com
(<3 ya Jenn)
Then it was posted on the PhoneLosers.org forums. So phonelosers like myself had first grabs at the exploit.
Then it was posted, with Jenn’s knowledge, on PreHack (which is now called BeyondBirthday.com). Somewhere along the lines, Anonymous found it and posted it to 4chan’s /b/ imageboard.
But just to make it clear… it was NOT originally their idea.
MC Lepus: I don’t visit the site, but I can understand if one section gives the whole site a bad rap.
These days, when 4chan is in the headlines, is it not because of some outrageous/criminal event? I’m sure there are good intentions to be found within the site, but the majority of the site and what is seen in the press (the /b/ board) is 9/10 times negative.
a 4channer: I honestly wouldn’t know. Like I said, I don’t visit the board, but everything I see originating from it looks like blatant racism at first glance. There may be a meta-joke in there, but I just see racism as one whom doesn’t visit the board let alone understand its jokes.
‘typical racist comments’
You realise that the ‘racism’ in 4chan is actually a meme/joke in itself right? How is a joke racist if it is actually making fun of racism?
Never take a 4chan meme at face value. It can be a meta-joke or inside-joke, or it can be a self-parody. 4chan is more complex in it’s ways more than anyone can comprehend, including me.
@Stephen, You defame those on 4chan who are not members of the /b/ forum,
4chan began as a board for fans of Japaneses culture,Creative interersts and, the hackers and Anonymous forums. take a look around the rest of the board.
bizlady08: 4chan is an imageboard at http://www.4chan.org. It is comprised of hackers, very bored teenagers, criminals, and members of the group Anonymous.
The accounts were compromised through a third-party website’s security flaw, and the hackers then used the list of email addresses and passwords to compromise the email accounts. Since the dating website’s passwords and that of the corresponding usernames were the same, this was easy to do.
(lesson to be learned: use strong and unique passwords for different sites)
And as far as the screenshots go, I personally think it is OK just to scratch out the last names, phone numbers, and not-safe-for-works (NSFW) elements of the screenshots alone. The “one that started it all” was directly from Mashable, who used a very cheap MSPaint coverup.
If any of the individuals within the screenshots contact me wishing for these images to be removed or further obfuscated, I would be more than happy to comply.
Thanks for reading
^^^ you don’t know what 4chan is? where have you been?
Hey Stephen,
Thanks for the info. What is 4chan exactly? So, these FB accounts were compromised through an unsecured 3rd-party site? I’d hate to think my FB account could be hacked so easily.
Thanks again for taking the time to post this info. Much more insightful than what Mashable posted. In fact, I was easily able to find the FB page “that started it all” through the screen shot. Please X out the friends names to protect their privacy.