Facebook Hacking Scripts On UserScript.org Are Fake, Or Worse
Over the past two months or so I have seen a number of Facebook hacking scripts posted on the userscripts.org website that supposedly hack into a user's Facebook account. These scripts - sorry no links - are fake, they won't work, and are maybe even malicious in nature.
The developers use fake reviews and fans to promote the scripts to the frontpage of the Userscripts website to attract more attention. When you look at the reviews and user accounts, you will notice a trend:
- All users give five stars to the userscript
- All accounts have a review profile that contains a lot of deleted scripts
- The language is basic, and usually with bad punctuation and grammar
Facebook Hack Script
Popularity does not happen overnight, and six five star reviews after a script has been available for an hour on the site is rare, but not unseen of. The next clue is the description on the script's frontpage.
It links to a blogspot blog and a direct download link right away. That download link should get you thinking. Why is there a need for a download link again,when scripts get installed directly in the browser?
The reason is simple: The script is used as a teaser to get users to click on the download link. If you look at the script's source code, you will notice that it is doing nothing at all.
If you open that link in a browser, you are taken to one of those survey doorway pages. Fill out a survey before you can access the contents behind. The poster of the script makes money from those surveys.
Judging from the screenshot posted on the Userscripts website, the actual program looks fake. I closed the browser window once the survey popped up as I had no intention of costly subscriptions or leaking of my personal information to a shady advertiser to verify that first hand.
Even if the program is not fake, which is a really slim chance, it should not be posted on the Userscripts website in first place.
The team behind the scam are pushing other scripts as well. At the time of writing their pushing a Facebook Hack script and a Free Calls Worldwide Hack script on the site. My recommendation? Delete the scripts, ban the poster and reviewer accounts, change the way scripts are promoted to the frontpage (e.g. only after a specific time of being listed), or moderate scripts before they are posted on the site.
There are other scripts out there that are being used for malicious purposes. Some like a lot of pages on Facebook using your account, and others may even steal user data from you.Advertisement