Sanford Wallace, 43, also known as “Spamford Wallace” and “David Frederix”, was arrested in
Las Vegas on Thursday. Wallace is accused of hacking into 500,000 accounts to harvest friend
lists between November 2008 and March 2009. He allegedly used the compromised lists to
make more than 27 million unsolicited postings on Facebook walls that appeared to come
from friends.
If targets clicked on links within the messages, they were presented with a website designed
to fool them into handing over their full name, email address and password, prosecutors
said. Finally they would be redirected to affiliate websites that would allegedly pay Wallace
“substantial revenue” for traffic.
The scheme relied on vulnerabilities that Wallace discovered in Facebook’s spam filters,
according to the indictment.
“To accomplish his scheme, Wallace first tested his spamming capabilities between two Facebook
accounts,” it said.
“[He] used a fake Facebook account of ‘David Frederix’ and his legitimate ‘Sanford Masterwb
Wallace’ account to test variations of spam messages in order to evade Facebook’s filtering
mechanisms.
“Once Wallace evaded Facebook’s spam filters he employed an automatic scripting process to
sign into a compromised Facebook user’s account, retrieve a list of all the user’s friends, and
then post a spam message to each of the user’s friend’s Facebook walls.”
Wallace is now indicted on a total of 11 charges of fraud, intentional damage to a protected
computer, and criminal contempt.
The contempt charges relate to an earlier civil case brought against Wallace by Facebook
itself.
A federal judge awarded the dominant social network $711m in damages in October 2009. The
firm did not expect Wallace to pay, but the judge also ordered him not to log in to Facebook.
According to Thursday’s indictment he “wilfully and knowingly” breached that order.
Wallace, who first gained notoriety as a spammer in the 1990s and also lost a civil case brought
against him by MySpace in 2008, was released on $100,000 bail. He faces up to three years
in jail and a $250,000 fine for each of the six fraud charges and up to 10 years in jail for each
of the three charges of intentional damage to a protected computer.
Facebook welcomed the arrest.
“We applaud the efforts of the US Attorney’s Office and the FBI to bring spammers to justice,”
“Two years ago, Facebook sued Wallace and a federal court ordered him to pay a $711 million
judgment for sending unwanted messages and wall posts to people on Facebook. Now Wallace
also faces serious jail time for this illegal conduct.
Refrence:Ncert IT
No comments: