The page has been spamming newsfeeds with online gambling adverts since 2 September, when it was renamed “Bsd303" - short for “Bandar Slot Dunia”. The posts are largely written in Indonesian, although the page is also advertising for “Slot Server Thailand”.
Déi Lénk spokesman Gary Diderich confirmed the page had been hacked; however, neither the party, nor the person responsible for running the page, could say who was behind the hack or how it had occurred.
The first post uploaded by the hackers was traced back to 25 June, a mere two weeks after the municipal elections, when they succeeded in changing the page’s profile picture. It is not clear how long the hackers have had access to the Facebook page, or whether they were able to view private messages exchanged by the page and other accounts.
Popular housing campaign “Ech brauch eng Wunneng” (“I need a home”), run by the Left, has also had its Facebook page targeted by hackers, who changed the profile and cover images on 14 July. Diderich said both pages had been run by different people and there had been no overlap between the administrators.
The party’s spokesman is of the opinion that the sites were hacked on purpose. However, it could not be proven whether the hack was politically motivated in any way, although the Left have not ruled it out. Diderich explained the election campaign had taken up much of the party’s time over the past few months, meaning no full investigation has been carried out; however, attempts to contact the hacker over the private messaging function went ignored. The party reported the hack to Facebook itself, but received no support.
Locked out of their own Facebook page and unable to close or delete it, the Left in the North were forced to start a new page on 3 August. However, with just 138 followers, the site has far less visibility than the original, which still has 505 followers, over a month after the spam began.
Alexandre Dulaunoy of the Computer Incident Reponse Center (CIRCL) offered RTL an assessment of the situation. Facebook accounts are hacked relatively often, for private accounts as well as for pages. It is a simple-enough process - a user merely has to click one wrong link to be infected with malware, which goes on to identify the user name and password required.
Shared accounts, such as pages with multiple administrators, are often more susceptible to hacking attacks, as the number of devices which could be infected with malware increases. Dulaunoy says it is important to activate multi-factor identification where possible to protect against attacks.
Although it is not particularly advantageous for hackers to target political parties, accounts with a high number of followers and page visits are often targeted. In spite of this, hackers are generally opportunistic and take advantage of smaller sites if the chance presents itself.
