The romantic in me, would like to think, with the ‘return’ of Lewis Hamilton and the 2022 new Formula 1 car launch season upon us, some good luck was infused our way as I am happy to report that together with Facebook support we have regained ownership of our GRANDPRIX247 page.
It’s an end to a grueling 20 days, living ‘identity theft’ with hijackers – end-game unknown – taking ownership of our account and posting vulgar images and content on the page with 41,000 fans, which was started back in 2009 when this place was still yallaf1.com.
I personally put in at least 100 hours monitoring and investigating these past three weeks while starting an alternative page – in case we never retrieved the original page or it was harmed beyond repair – which we intend to merge in the future.
Credit to Facebook support for keeping open a constant line of communication as we gave daily reports of the hijackers’ actions and damage being done to the reputation of our site, beyond the Facebook page.
Of course, along the way, one picks up so much that I cannot look at the time spent researching the problem as wasted because I learnt so much about the operational side of Facebook as a traffic referral tool, that I feel I have a handle on Meta and the complex dashboard infrastructure that replaced the original functional – hassle-free to me – user Facebook Business Suite.
This was not a simple case of a hijacked page being freed with a couple of clicks
If it were a simple case of hijacking a page, would it not be simple just to delete the hijackers with the uber-admin privileges one would expect Facebook to have? But no it dragged, prompting two scenarios as I went to sleep with the hackers on my mind and was woken by them in my twilight state. It was all-consuming.
I had two scenarios in my mind’s eye, the first a tad Hollywood. A dark room with glowing workstations (like in the movies) with a dozen FB support propeller heads typing furiously at their keyboards, engaging cyber attackers targeting GRANDPRIX247, scenes out of Johnny Mnemonic if you know what I mean.
Until finally, they managed to ALT-DEL the mothertruckers out of the page and into oblivion. Installing the rightful owners to the page.
Nice movie, but forget about it, just Google ‘Facebook Page Hack’ and check out the last year and you will be served about 17.300.000 results (0,47 seconds) dealing with the scourge.
However, the real scene is probably 1000 FB support peeps buried in their laptops, side by side in cubicles – Another Brick in the Wall style – email boxes packed with reports of hacked accounts. And perhaps it is a simple fix from FB side, click on hijacker name, ALT-DEL and click on true owner name and click REINSTATE.
But when you have hundreds of thousands of hijacked accounts, perhaps millions, then it is understandable it takes 20 days for our case to pop onto a FB support person to fix.
Whatever the case, it was not so much about the traffic, but the principle of the matter that stopped me from simply saying “F@ck it” ditch the hacked account, and start afresh. Which I nearly did.
As a side note, the new page attracted about 10k fans per week. So the interest in F1 is there!
Hence ends our open-source hacking saga which has taught us some hard lessons to serve us well going forward
Friends, colleagues, readers, drivers, teams… Be warned to be vigilant, wary of any approaches that require too much information no matter what guise and from whom presented. Just always be wary.
As for Facebook, which is now under the Meta brand, it has become a social monster that appears to be eating itself up, increasingly unable to police itself rapidly and effectively. Its future wobbled mightily when Mark Zuckerberg’s baby crashed leaving the gazillion-aire 25% poorer, ironically, midway through our hacking saga.
From our side, they remain an important tool for referral traffic (much better for us than Twitter or Instagram) so if you can’t beat them (yet) join them. The hijack cost us, and while we are supremely grateful for Facebook support for restoring ownership to our 12-year-old page, we will be tapping them up for reparations. Again the principle of the matter.
For those who want to learn something about pages, here is the hacked Facebook page recovery timeline:
- 20 January – Through messenger a legit Facebook account holder approaches us to monetise the page. The impression was the approach was directly from a FB agent. Adhering to instructions supplied, unknown to me I relinquished ownership of the page. Immediately Jad and I were removed as page Admins.
Porn posts and inappropriate posts start appearing on the page timeline. - 21 January – After a lengthy process to get into a FB support chat finally made contact with a person who took on the case. And reinstated Jad and I as admins where we remained, albeit powerless to prevent the hijacker from posting, but we could delete them as they appeared.
FB support received daily reports from us, with their acknowledgement and confirmation that work was ongoing.
We reported the hack to our readers. - 22 January – We start the alternative page and urge fans of the hacked page to shift over.
Daily reports from us to FB continue. They respond with what can be summed up as “be patient, work in progress…” Several agents were on our case during the period. - 6 February – We update our readers on the status of the hacked Facebook page. And send links to Facebook support and whatever presence Meta has on Twitter.
- 9 February – Jad and I receive emails stating that we should change our passwords as the account may have been compromised and informed that the page has also been downgraded for a week as a result of inappropriate posts. We have appealed the restrictions and expect them to be lifted once our cred is established by FB. This is in process.
Once we changed passwords, I went to Page Roles in the Page backend and to my surprise, Adil Market, who hijacked the page, was no longer the owner, while Red Page a hostile Admin responsible for the posts could be removed. This we did.
Thereafter I was able to take ownership of the page again. - Now, this is the important part, for anyone who owns a page or thinks they do: Go to Settings>>> Page Roles and make sure you are the owner and not just admin. If you are not, immediately stake ownership, because if you don’t you will vulnerable.
This is where the Facebook Business Suite to Meta rollout appears to have failed, leaving too many backdoors to be exploited in this manner. In our case, somehow I relinquished ownership unbeknown to me which allowed anyone to claim the page, as they did for 20 days. - 10 February – Announce the Page is back in our control, rebuild the reputation and have all restrictions rescinded by Facebook; while we are at it they might as well throw in some sort of credit for pain and suffering caused! And lack of earnings 😉
In closing, thanks for the invaluable support from Jad and the team, our mates in the business who reached out, readers who emailed us directly, the positive comments and advice.
Hopefully, this saga serves as a lesson to all who read us, cybersecurity is a misnomer, nothing is secure in cyberspace, and increasingly so. Just when you think it won’t happen to you, it does. Ask us, we know. For now, the matter is closed. And thankfully a happy ending too!
Now let this friggin’ epic new F1 season begin!