My Mom's facebook account was somehow compromised and it posted these links ending in .tk to all of her friends walls, saying to go to this link to check out this video.
I am scanning her computer with a few programs, but I don't think its that likely that her actual computer is compromised, as that just the facebook account is and it is somehow hijacked with some fake application or whatever she clicked on (She said she click on a weird link within facebook.)
I changed the password and deactivated the facebook account, but I'm not really sure that is going to even effect the actual facebook account being compromised by a application or some other facebook thing. I check her account before deactivating it, and there don't seem to be any applications, or any thing else that is granted any permissions to her facebook account, however I;m not exactly sure how to confirm this.
I have her using another computer, while I check her computer for a while, but In terms of the actual facebook account, once we Reactivate, how can we check to make sure it is clean of some backdoor or application that is allowing it to be compromised?
This is pretty weird because of all this integration with application and whatever crap facebook has on its site, that it seems a account can be compromised even if the computer it is being accessed is not. Is there a way to disable any automated access from any application or service that can access your facebook account other than someone actually logging into it with a browser?
Does it seems likely that somehow people were just able to control her account at one particular time, or that they somehow got her password, but that to me implies that the computer is compromised, which I am still checking but find pretty unlikely, as its pretty secure.
.tk is in Tokelau,Tokelau consists of three atolls located about 483 km north of Western Samoa, controlled by NZ I think, you cannot delete a facebook account, it's always there, if there is no "sensitive" material there, no big deal, it's not like Facebook is secure anyway, tell Mom to learn the lesson and not to click on stange links, BTW use Avast antivirus and it'll warn her when she see's a infected web page, download MalWareBytes (http://www.malwarebytes.org/) and run it, it'll let you know if there is any virus or trojans there, what A/V program were you using?
Well I don't think that the link she clicked on actually made any changes to her actual computer. She had Microsoft Security Essentials running, it didn't detect anything, and she was using windows 7 with very strong UAC enabled, she doesn't clicked on things that ask for permissions via UAC, aka admin rights to the computer.
I ran malwarebytes, and avg free scans right after and they picked up nothing. I'm thinking the link she clicked somehow just sends spam as your facebook account when your logged in, but I don't think it installed a keylogger or anything like that, it just did things within the facebook account.
Facebook is turning into such as big platform now, theres all kinds of app's and other crap that can integrate with it, and access your account if your let it. But I checked her account for apps and anything granted permissions to it, and nothing showed up.
I'ts just annoying there is no good way to scan your actual facebook account for malware that has somehow attached itself to it, unless knows of a way.