How was Mark Zuckerberg’s page hacked?
Published 26/01/2011 | 15:28
The news that Mark Zuckerberg’s Facebook fan page was hacked is not reassuring news for regular users of the popular site, according to security analysts.
Zuckerberg’s respective personal and fan pages are not subject to any special security protections, despite the 26 year old techie having personally created the site.
However, internet security experts are shocked that such as prolific technology expert, as Zuckerberg, could have been the victim of a hacking attack.
The fact that Facebook’s army of spokesmen are “refusing to comment” on the attack, despite numerous screen shots strewn across the web proving the attack happened, since the fan page has subsequently been taken down, (at the time of writing), speaks volumes.
But how did Zuckerberg fall prey to an attack on his own site?
Graham Cluley, senior technology consultant at internet security firm Sophos, said: “I suspect one of two things left Zuckerberg vulnerable to hackers.
"Most likely he either picked a dumb password which attackers could easily guess, or he was targeted while using an unencrypted Wi-Fi network by somebody using Firesheep – a tool that allows people also using the same unencrypted network to access other’s password protected accounts.”
“It is difficult to know exactly why or how Zuckerberg’s fan page was hacked. He could have also had some malware on his computer which grabbed his username and password when he logged on and then hackers used the information to attack the page. However, I think the other first two possibilities are more likely.”
He continued: “I think this hack is really embarrassing for Facebook, because if Mark Zuckerberg can be hacked, other users are just as vulnerable.”
Zuckerberg has over two million fans on his page and regularly updated it, most recently posting a link to the Time Magazine article, which named him ‘Person of 2010’.
Security experts urged Facebook users to pick difficult, non-dictionary words as their passwords and to download browser plug-ins which force WiFi networks to be encrypted, when using password protected sites, such as Facebook.