Hackers steal Facebook Pages – creator loses administrator rights

Come Watson — there is trouble afoot!

I have just learned the hard lesson that hackers can steal your Facebook pages right out from under you.

I manage a number of Facebook Business Pages (formerly termed ‘fan pages’). As of about a week and a half ago, three of these pages somehow got hacked. Somewhere in this this timeframe, the hackers have been able to assert themselves as administrators of these pages. Even worse, on two out of these three pages, the hackers have been able to delete me from the list of administrators of those pages. Read that again, and give it a moment to sink in…

Got it? Now here’s the kicker — so far Facebook seems unwilling to try to rectify the situation.

With the recent page redesign, it took several days before I realized that I had been hacked. I thought I was just caught in some transitional SNAFU. No such luck.

After realizing I’d been hacked, it took several days of concerted effort to try to contact a human within Facebook. After making contact, their reply seems to be a decided unwillingness to assist in the problem.

Now for the sordid tale…

About a week and a half back, the following seemingly innocuous drivel was posted to three of my pages:

Facebook hacker's spam
Facebook hacker's spam

I thought it was kinda insipid. However, not wishing to sadden a foreign fan, who perhaps had some emotional investment, I just left it be. Incidentally, google translates this as Albanian for Give the fans a little like ksaj site because it is a good site sh. Whatever the heck that is supposed to mean.

Later that day, a Usual Suspects ‘Group’ (as opposed to Usual Suspects Business Page, which we have been discussing up to this point) sprung into existence. Curiously, anything posted on the new Group also appeared on our Page, and anything posted on our Page appeared on this new Group. Weird. This factored directly into my assumption that FB was just hosed again, as they were in the midst of re-designing the facilities in the Business Pages.

A couple days later, I went to create a FB Event for a gig the Usual Suspects had coming up, on the Usual Suspects Page. I found that I was unable to do so. Further, I discerned that the reason I could not create an event was due to the fact that I was no longer an administrator for this page. Still thinking it to be a temporary SNAFU related to the Page facility redesign, I shrugged it off.

Eventually, on the 24th of February, the above spam reappeared. A friend of mine pointed out that it appeared nearly simultaneously on three pages I created, and (until I was cast off) administered:

http://www.facebook.com/usualDashSuspectsDotNet – The Usual Suspects
http://www.facebook.com/NovaDashKDotNet – Nova-K
http://www.facebook.com/LeeThomasBand – The Lee Thomas Band

These posts must be annoying at least some of our fans. So I decided to delete them from these pages. It was at this point that I discovered, to my horror, that I had lost administrative privileges to both Usual Suspects and Nova-K.

Interestingly, I still had privileges to Lee Thomas Band (I theorize below as to why this may have escaped the fate of the other pages). This led me to viewing the page as administrator, and viewing the administrators for this page. I noted then that administrative privileges had been granted to 5 people I had never heard of:

  • Ervin Gjurra
  • Argent Metallaj
  • Da Rk THunder
  • Taulant Kocillari
  • Don Kevii Unic

I revoked the administrative privileges of these five. I then started trying to report these people. Unfortunately, FB has no means of reporting that they have hacked my account. The nearest I could find was:

  • Report User > Fake Profile > Impersonating > Joe Bear

as it seemed the closest match.

I spent some time perusing the profiles of these hackers. Interestingly, ‘Taulant’ lists ‘Argent’ as one of his/her over a dozen siblings – may this denote a hacker family?

How did this happen?

I wish I knew. Here is what I think I can deduce. I don’t know how, but it seems clear that one of these five hackers was able somehow to hack my personal profile. Upon doing so, they granted themselves, and their friends, administrative privileges to three of my Business Pages. Why only three, when there are several more they could have hacked? I have no idea. After getting in, they deleted my personal profile’s administrator status for two of these three Biz Pages.

In the case of the third page, I retained my administrator privileges. Did they try to cast me off here too? I don’t know. However, at the time of the attack, I had an active FB Ad running for this page. Perhaps administrators cannot be cast out while running Ads for the page in question?

When I marhall the mental energy, I’ll generate a new post outlining the (rather unhelpful) communication I have so far had with humans at Facebook about this issue. Word of warning- so far, it ain’t pretty.

8 thoughts on “Hackers steal Facebook Pages – creator loses administrator rights”

  1. This is quite an old post, but still adding my 2 cents. It´s pretty simple. You either leaked your username and passwords somewhere, or you clicked on a link that took you to a page that looked like facebook, or to an app in facebook that asked you to re enter / auth your facebook account. In some cases you could have used a third party plugin where you have to enter your facebook details and they leaked your details to the hackers. Lastly, you could have been using facebook through a non secure http instead of https connection, and your data was intercepted. You could also have been keylogged if there was spyware and keyloggers installed on your machine via a virus. Really lots of things that can go wrong. best anti virus is not to use windoze at all and then it´s a matter of common sense on facebook and other websites.

  2. Yea. I kind of have the same issue. The band I was with created a page and then let people outside the band manage it. Bad idea. I guess the admin’s page was hacked and now we dont have access to update or delete the page. SUCK BIG TIME..

  3. @Bitcoin Man – I’m not sure what your comment has to do with my post. However, I can’t let a mention of Bitcoin go by unanswered.

    PayPal does have issues – most notably their assumption that, in the case of dispute, the seller is always in the wrong. This leads to reversals of transactions. Scammy buyers often end up with both the product or service the seller provided, plus their money back in their hands. However, for some time it was the best that we had at our disposal. And worked pretty well , for the most part. I personally would not claim that it “really sucks”.

    But Bitcoin does indeed solve the ‘reversal by a scammy buyer’ problem. And many others that are shared by all ‘traditional’ fiat currencies. I am hopeful that in time, the world will come to adopt Bitcoin as the default currency for all transactions. Everywhere. For everything.

    Bitcoin cannot be debased by nations (or any entity), to fund wars, transferring the wealth of the populace to politically connected insiders through the invisible tax called inflation. This fact can lead to an entirely new organization for all of society – where the people are more important than the nation-state.

    As I am sure you are aware, these are merely two of the many properties which make Bitcoin far superior to fiat currency (such as Federal Reserve Notes, which in the last half century or so have become counterfeit US Dollars). These beneficial properties have led to an explosive growth of the use of Bitcoin over the last couple years.

    To the reader: would you like A Better Money? Watch this short introduction: http://www.weusecoins.com/

    Then leave your comments here. If interest dictates, I’ll write a series on Bitcoin.

  4. I am going through this right now! I had a page called The Helping Hand-Dubuque Area Group and added a few HS friends as admins. They went and deleted me from my own group and Facebook doesn’t seem to have any policy that allows me access to it! I am so frustrated!

Leave a Reply