Hackers launched an attack on Facebook's 200 million users yesterday, successfully gathering passwords from some of them in the latest campaign to prey on members of the popular social networking site.
Facebook spokesman Barry Schnitt said on Thursday that the site was in the process of cleaning up damage from the attack.
He said that Facebook was blocking compromised accounts. Mr Schnitt declined to say how many accounts had been compromised.
The hackers got passwords through what is known as a phishing attack, breaking into accounts of some Facebook members, then sending e-mails to friends and urging them to click on links to fake websites.
Those sites were designed to look like the Facebook home page. The victims were directed to log back in to the site, but actually logged into the one controlled by the hackers, unwittingly giving away their passwords.
The purpose of such attacks is generally identify theft and to spread spam.
The fake domains include www.151.im, www.121.im and www.123.im. Facebook has deleted all references to those domains.
Mr Schnitt said that Facebook's security team believes the hackers intended to collect a large number of credentials, then use those accounts at a later time to send spam hawking fake pharmaceuticals and other goods to Facebook members.
The site fought off a similar attack two weeks ago, he said.
Privately held Facebook and rival social network MySpace, which is owned by News Corp, require senders of messages within the network to be members and hide user data from people who do not have accounts. Because of that, users tend to be far less suspicious of messages they receive.
Hackers used a phishing attack last year to spread a malicious virus known as Koobface (a reference to Facebook). It was downloaded onto Facebook members' PCs when they clicked on a link sent to them in an email that looked like it had been sent by a friend on Facebook.
Reuters