Local columnist claims a Mac "virus" ate his Facebook

Matt Saxton is the Midland Reporter Telegram's news editor and he regularly authors a column. Today's column documents what he calls a virus that attacked his computer and wreaked havoc with his Facebook account. He makes a specific point that he uses a Mac, and that the virus accessed his Keychain account, which is the Mac operating system's program for protecting and managing sensitive data like passwords.

Color me skeptical.

The hacking of Facebook accounts is a practice that's been around as long as Facebook itself, and the popularity of the service makes it a juicy target for phishers and producers of malware. Often, the hacked account has been broken into using data stolen from another website; here's an example of where a Christian dating service website was compromised and the data obtained thereby led to hacking of multiple Facebook accounts owned by those who had registered on the dating site.

In other cases, the Facebook account itself is the initial target, and the unwary user is tricked into giving up his or her login information via a phishing attack. There was an outbreak of this sort last year; Fast Company provides a FAQ explaining what was involved.

All this is to say that there are multiple ways to compromise a Facebook account that have nothing to do with the user's computer, and that don't involve viruses. Also, while the Mac OS is not immune to viruses, I can find no documentation of a verified successful attack by a virus on Keychain. Even in the example cited above - the phishing attack that affected Macs as well as Windows machines - it was theorized that the offending script was web-based, and not running locally on the computers themselves. If Matt has indeed suffered such an attack, he needs to report it to Apple because it's groundbreaking news.

I'm skeptical about the claim of a successful Keychain attack for at least one additional reason: if you were able to steal someone's list of usernames and passwords for all their personal and financial accounts, would your only exploit be to mess around in Facebook? Of course, it's not outside the realm of possibility that the hacker(s) knew that accessing things like bank accounts could land them serious jail time, whereas the hijacking of a Facebook account probably carries few consequences, so perhaps I shouldn't read too much into that. But it does seem odd that the only manifestation of a Keychain break-in would be related to Facebook (and I certainly don't mean to minimize the importance of Facebook to any given user).

Granted, Matt doesn't write a technology column and he may have left out details or avoided specific terminology that he deemed irrelevant to the overall story, which was how his personal and social life was affected by the loss of an important social media account. I'd be interested in hearing more details about how he came to the conclusion that the attack was virus-based.

The takeaway from this is pretty simple and commonsense. Don't respond to emails or click links from people you don't know, and be skeptical of those you do know. Don't send out your username/password via unknown WiFi networks. Periodically change your passwords.

And, still, be skeptical of claims of viruses that affect Macs. ;-)


Thanks for reading my column, and for your response to it. I did leave a lot of information out of the column for a variety of reasons, but, as you said, the point of the column was more the effect of the loss of a social media account. Also, in the column, I do mention that other accounts were compromised; I just didn't go into a lot of detail about it. I appreciate your interest and encourage you to keep reading!

About this Entry

This page contains a single entry by Eric published on September 15, 2010 8:17 AM.

Tax-Exempt Status of Local Organizations in Jeopardy was the previous entry in this blog.

Random Thursday is the next entry in this blog.

Archives Index