Controlling your info…by hijacking your group

I saw in the news today about Facebook groups being hijacked through a design flaw. When a group is created on Facebook, you have the option of it being an open group (anyone can join) or a closed group (invite only). Then there is an owner and an administrator of the group. Usually they are the same person, but you can delegate. If the owner/admin no longer wishes to be a part of the group, they can leave, but that means the group no longer has an owner. Anyone can then take ownership of the group to keep it going.

I am not going to debate whether this is a good or bad policy on the part of Facebook. What I want to talk about is the blatant hacking of the group “Control your info”. While I understand their desire to “help” hacking and defacing groups on Facebook is hardly the way to go about it.

Once they joined a group and took it over, they would post the following message there:

“This means we control a certain part of the information about you on Facebook. If we wanted we could make you appear in a bad way which could damage your image severly.

For example we could rename your group and call it something very inappropriate and nasty, like “I support pedophile’s rights”. But have no fear – we won’t. We just renamed it Control Your Info. Because this is really all we want:

Think about the safety in your social media life to the same extent you do in your real life.

Watch the videoclip for more information or check out for more tips soon!

We promise to restore your group name and leave the group by the end of next week. Don’t worry – we won’t mess anything up.

Best regards”

What they are doing really is no different to a hacker gaining control of a group and defacing it. Two wrongs do not make it right. While this group may think they are “helping” they are in fact making themselves look just as bad as a black hat. Think about the hacker that “Rickrolled” a bunch of iPhones that Graham posted about. Does it really make it right to hack into computers, phones, and websites to “try to raise security issues”? Not in our books.