C+P from www.msn.co.uk Concern after hacking hits Facebook Concern after hacking hits Facebook pa.press.net Computer experts have called for Facebook to review its security processes after the social networking website was hit by hackers five times in a week. Four separate "rogue applications" and a virus targeted users of the site, according to security firm Trend Micro. Although there is no evidence that people's personal details were stolen by the cybercriminals, experts fear that could be the next step. The problem lies in the fact Facebook allows people to create software to run on the site but those applications do not need to be approved first. Rik Ferguson, senior security adviser at Trend Micro, said: "I think that it is time Facebook had a review of its application vetting policy. It launched a service in November last year where people can pay to get their applications approved, but it is voluntary." According to Mr Ferguson, the rogue applications which were active last week - Error Check System, Facebook Closing Down, Bigger Than MySpace and Closing Down - sent messages to users' profiles saying, for example, that a friend had reported a violation or had a problem contacting them. Once the user clicked on the message or link, it was forwarded to everyone in their address book. It also gave hackers the opportunity to steal personal information contained in the profile, Mr Ferguson warned. The programs appeared to be test runs, with the next stage potentially proving more dangerous. Mr Ferguson said: "It looks like this is a proof of concept. They did not appear to do anything malicious other than spread themselves extremely fast and well. Now they have worked out how to do it, we would expect to see more and more malicious applications." On Saturday, a variant of the Koobface virus that first appeared on social networking sites last December, added to Facebook's problems, Mr Ferguson said. By getting users to visit a fake YouTube page, hi-tech criminals then install malicious software on to the computer. Mr Ferguson advised people to be careful about the information they made available on Facebook. Profiles should be set to private and not contain any details beyond what is absolutely necessary. "Be very careful and do not click on any strange notifications," he said. "If you receive a notification that looks suspicious do not open it." A spokesman for Facebook later claimed a review of its application vetting processes in the wake of security breaches would be like introducing "martial law" after two robberies. He said: "We've tried to make the process of building on the Facebook Platform relatively easy in order to stimulate innovation - and to allow the kid in a college dorm room to compete against the big corporation... our developer community has more than 660,000 developers, which is about the population of Glasgow. The drastic measures others have suggested is akin to saying, 'there have been two robberies, we need to implement martial law in the city'."
