October 10, 2022

Horse 3082 - Anatomy Of A Hacking

Please Unfriend my old Facebook account. Azu Ssb who is the current owner of that account (according to their email account) is not a nice person. 

I would like to say that last week my Facebook account was hacked. The problem with this is that 'hacked' is not exactly the right word for it. 'Hacked' would imply that the account was compromised. No, what happened was far more insidious. My Facebook account was outright stolen and the person who now operates it, no only has full control of it but then went to the effort of holding it to ransom and asking me to pay to regain control.

Earlier in the week, Optus customers had their accounts compromised when their details were stolen after hackers had got into the databases of the telco. Telstra customers found that there had been a breach of their details not long after. Vodafone customers were told that their accounts might also be under attack. In my case, my Facebook account was stolen not through any of the above avenues but probably by a similar method of attack, where they had got in through via the Virtual Private Network to the Australian Taxation Office.

I will admit to not being very tech savvy. Sure, if you give me a USB cable and a copy of the data dictionary necessary to diagnose problems in a motor car via OBD2, or ask me to set up a printer or other device within a LAN, then I can do those things. I can apparently do seemingly magical thing with SQL and write queries for databases which will generate useful reports which can then be exported to Microsoft Excel; which means that I am very useful in an office environment. I can even plug cameras, microphones, projectors, speakers and other devices into sound desks and video switchers, which is also useful for small scale video and audio production (and by inference edit audio and video). However none of those things were even the slightest bit useful in making sure that my Facebook account wouldn't be stolen.

When we use our software to lodge tax returns, it opens up a Virtual Private Network (VPN) and from what I am led to believe, then for a short period of time sets up a temporary drive as a partition on both the server at the ATO and at our end; so that it can transmit and copy the necessary files to lodge said tax returns. Also as I am led to believe, last week when I was lodging a tax return, the nefarious actor who stole my Facebook account, was also able to gain access to my C: drive and have a rat around for Facebook login details. I have no idea how long it would have taken them to do this but I assume that the process was automated.

The earliest that I found out that my Facebook account was stolen, was when I got a phone call from someone if I was okay and why I was asking for money. I told them that I was fine, that I didn't need any money and that they should ignore my Facebook account.

After this, I tried logging in and found that not only had the primary email details changed but tha Facebook wouldn't accept any of the recovery details either. So after this and logging onto my email account, I found a series of emails from someone, who was demanding that I pay them $109¹ via a PayPal wallet or Bitcoin account, to unlock my Facebook account.

What this now means is that my old Facebook account is now owned by someone else, who wants to demand money from people and who should be ignored. 

Unfriend it.

Now obviously I find this annoying as this means that I have had to rebuild the world but more importantly, have I learnt anything from this:

1. Turn On Two-Factor Authentication.

2. If someone is going to ask you for your email address, do not give any confirmation codes.

3. Make sure that you are polite, even to people who mean to do you harm.

More than likely, the people who have decided that stealing Facebook accounts and trying to extort money from people have already crossed over lines of nicety and managed to quieten down the voices of their conscience to the point where any internal voice that says that they are doing wrong, has been ignored. People who act contrary to their conscience can rightfully said to be either brutes or animals but even so, they must have pretty awful lives if stealing Facebook details is their source of income. 

As someone who has had something stolen from them, I guess that I should feel violated in some way but apart from the inconvenience, I just feel disappointed. On the other side though, the number of people who showed concern and care and who have messaged, or phoned me to ask if I am okay, was lovely. To everyone who took the time however small, please know that you are appreciated. Yet again I am reminded that wrapped inside these electro-mechanical meatbags that we call humans, are both monsters and marvels. People contain multitudes².


"Can you do me a help?"

After setting up a new Facebook account to replace the old one, several people have then reported that this is the message that they received from "Me" via Facebook Messenger. Rest assured, I find this request gauche for a number of reasons:

Firstly, even if I was in serious financial trouble, I would not be asking people on Facebook to help bail me out. There are other channels like Kofi, Patreon and GoFund Me which would be far more useful.

Secondly, while the English language has been verbing nouns and nouning verbs since before Arthur decided that securing weaponry from ladies in aquatic settings was a better idea than democracy, I just find this particular sentence construction weird. 

Yes, you can chair a meeting and just to hammer home the idea, you can table the points but "do me a help" sounds daft in my mind's ear. "Can you do me a favour?", "Can you please help me?"; "Help me, Obi Wan. You're my only hope³.", are all better requests. I like the economy of the words used but as someone who very obviously will use a thousand words and whose vociferousness knows no satiety, I am fairly confident that I would never utter anything like this in this way. 

¹ This is an oddly specific amount.

² If you have one quote from Walt Whitman, it is just a quote. If you have many quotes from Walt Whitman, it is a Whitman's Sampler.

³ At the time, Obi Wan was Leia's only hope. Then she found A New Hope.

⁴ No footnote 4⁴.

⁵ ...is right out.

No comments:

Post a Comment