Sanford Wallace, 43, also known as "Spamford Wallace" and "David Frederix", was arrested in Las Vegas on Thursday.
Wallace is accused of hacking into 500,000 accounts to harvest friend lists between November 2008 and March 2009. He allegedly used the compromised lists to make more than 27 million unsolicited postings on Facebook walls that appeared to come from friends.
If targets clicked on links within the messages, they were presented with a website designed to fool them into handing over their full name, email address and password, prosecutors said. Finally they would be redirected to affiliate websites that would allegedly pay Wallace “substantial revenue” for traffic.
The scheme relied on vulnerabilities that Wallace discovered in Facebook’s spam filters, according to the indictment.
“To accomplish his scheme, Wallace first tested his spamming capabilities between two Facebook accounts,” it said.
“[He] used a fake Facebook account of ‘David Frederix’ and his legitimate ‘Sanford Masterwb Wallace’ account to test variations of spam messages in order to evade Facebook’s filtering mechanisms.
“Once Wallace evaded Facebook’s spam filters he employed an automatic scripting process to sign into a compromised Facebook user’s account, retrieve a list of all the user’s friends, and then post a spam message to each of the user’s friend’s Facebook walls.”
Wallace is now indicted on a total of 11 charges of fraud, intentional damage to a protected computer, and criminal contempt.
The contempt charges relate to an earlier civil case brought against Wallace by Facebook itself.
A federal judge awarded the dominant social network $711m in damages in October 2009. The firm did not expect Wallace to pay, but the judge also ordered him not to log in to Facebook. According to Thursday’s indictment he “wilfully and knowingly” breached that order.
Wallace, who first gained notoriety as a spammer in the 1990s and also lost a civil case brought against him by MySpace in 2008, was released on $100,000 bail. He faces up to three years in jail and a $250,000 fine for each of the six fraud charges and up to 10 years in jail for each of the three charges of intentional damage to a protected computer.
Facebook welcomed the arrest.
“We applaud the efforts of the US Attorney’s Office and the FBI to bring spammers to justice,” said Chris Sonderby, its lead security and investigation counsel.
“Two years ago, Facebook sued Wallace and a federal court ordered him to pay a $711 million judgment for sending unwanted messages and wall posts to people on Facebook. Now Wallace also faces serious jail time for this illegal conduct.”
“Once Wallace evaded Facebook’s spam filters he employed an automatic scripting process to sign into a compromised Facebook user’s account, retrieve a list of all the user’s friends, and then post a spam message to each of the user’s friend’s Facebook walls.”
Wallace is now indicted on a total of 11 charges of fraud, intentional damage to a protected computer, and criminal contempt.
The contempt charges relate to an earlier civil case brought against Wallace by Facebook itself.
A federal judge awarded the dominant social network $711m in damages in October 2009. The firm did not expect Wallace to pay, but the judge also ordered him not to log in to Facebook. According to Thursday’s indictment he “wilfully and knowingly” breached that order.
Wallace, who first gained notoriety as a spammer in the 1990s and also lost a civil case brought against him by MySpace in 2008, was released on $100,000 bail. He faces up to three years in jail and a $250,000 fine for each of the six fraud charges and up to 10 years in jail for each of the three charges of intentional damage to a protected computer.
Facebook welcomed the arrest.
“We applaud the efforts of the US Attorney’s Office and the FBI to bring spammers to justice,” said Chris Sonderby, its lead security and investigation counsel.
“Two years ago, Facebook sued Wallace and a federal court ordered him to pay a $711 million judgment for sending unwanted messages and wall posts to people on Facebook. Now Wallace also faces serious jail time for this illegal conduct.”
No comments:
Post a Comment