We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Security activists hijack Facebook groups

Several dozen groups compromised

A group calling itself 'Control Your Info' appears to have taken control of several dozen Facebook groups, inserting its own logo and stating "Hello, we hereby announce that we have officially hijacked your Facebook group".

With a link back to a site, the apparent members - using the names 'Bella Roregit', 'Burstin Woltan' and 'Janis Roukkos' - began leaving their mark on various Facebook groups intended for topics that include entertainment, business and sports.

The Control Your Info statements declared: "This means we control a certain part of the information about you in Facebook. If we wanted, we could make you appear in a bad way which could damage you severely."

According to the Control Your Info website, the group's mission is to bring attention to security weaknesses in social media.

"Social media has become a natural part of most people's daily lives. Unfortunately, the security aspects of social media have been more or less neglected."

Control Your Info did not immediately respond to a request for comment about its activities.

Facebook, however, has issued a statement about the incident that says: "There has been no hijacking and there is no confidential information at risk. The groups in question have been abandoned by their previous owners, which means any group member has the option to make themselves an administrator in order to continue communication to the group. Group administrators have no access to private user information and group members can leave a group at any time. For small groups, administrators can simply edit a group name or info, moderate discussion and message group members. The names of large groups cannot be changed nor can anyone message all members. In the rare instances when we find a group has been changed inappropriately, we will disable the group, which is the action we plan for these groups."

Some users in the groups affected by the Control Your Info takeover were obviously displeased about the turn of events and scornful of Control Your info's explanation about how it's making a point about security by taking control.

"I have an idea, why don't I teach you about traffic safety by running you over with my car?" wrote one irate Facebook user in a group that had been commandeered by Control Your Info. "Is that how it works?"

Michael Sutton, vice president of security research at zScaler, said he doesn't think the Control Your Info takeovers constitute a major security concern. That's because the person who creates a group of this sort on Facebook is by default the administrator, and when this individual decides to abandon that by de-listing as the admin, anyone else in the group can step in to promote themselves be the administrator.

That's the way Facebook designed this type of group and is clear about it, though other types of Facebook groups, such as closed ones, have different security procedures. In that case, the Control Your Info people simply did a search to discover the type of Facebook groups that had the administrator position abandoned, and stepped in with their dramatic hijacking routine. "This is really making a mountain out of a molehill," he said.

See more:

PC security advice

IDG UK Sites

Sony Xperia Z3+ (UK Sony Xperia Z4) UK release date, price and specification: Pre-order the Sony Xp9......

IDG UK Sites

Why Intel’s vision of the future is a future I want to live in

IDG UK Sites

What Jony Ive's new job means for Apple design

IDG UK Sites

Jony Ive 'semi-retired' into new role: kicked upstairs as Chief Design Officer