Warn Users of Malware on Facebook – Get Banned?

Looking for a good conspiracy theory today? Well here’s one: Chris Almond, the administrator of a Facebook group called the Rogue Facebook Apps Early Warning Group just got kicked off the social network. Why did this happen? Did Facebook not like how he was posting details about Facebook malware, hacks, and attacks? Attacks like this recent one that exposed private Facebook profile information just by clicking on a link?

Or was Facebook simply following through on a TOS violation because Chris had accidentally sent out duplicate messages to group members, thereby getting flagged as a spammer and subsequently booted from the network?

You decide.

First Rule of Facebook: Don’t Talk about Hacks on Facebook!

On Monday, the anonymous blogger over on Social Hacking posted a link that demonstrated a gaping hole in Facebook which revealed private profile data upon clicking. The hack worked (I tried it at the time) although now the hole has been closed. He later revealed the technical details of this hack on his blog.

However, even before those technical explanations were posted, Chris Almond was spreading the word via the Rogue Facebook Apps Early Warning Group, a group whose members like to stay informed about the latest and greatest threats happening on the social network. All he was doing was publicizing the information – he was not involved in the hack’s creation in any way.

Shortly after sharing the information with the group, Chris found his account was disabled.

And because it was disabled, Chris’s collection of links and articles he had posted since the group’s creation in 2009 as well as all the discussions he had with other group members were gone, too. The group’s archive was emptied out.

Does that sound suspicious to you? TheHarmonyGuy (aka Mr. Anonymous from Social Hacking) thinks so. He writes, “While I hope I’m wrong (and I very well could be), it appears that at least part of the reason for the account shutdown was that this user was spreading word about my Facebook attack. It saddens me that other people are having to suffer on my account…”

Flip Side: Just a Simple TOS Violation?

Of course, there are always two sides to any story and this story is no exception. In Facebook’s defense, Chris Almond was guilty of a TOS (Terms of Service) violation. You see, Chris had decided to send out personal emails to group members with information about the hack and to invite them to a group event. Unfortunately, he accidentally sent out duplicate emails to some of the group’s members.

This triggered Facebook’s spam detection feature – most likely an automated system that detects such behavior on the part of group admins. Chris received the warning and realized his mistake. Though it was accidental, he had in fact violated Facebook’s TOS. He stopped sending any further messages after receiving the warning.

But apparently, it was too late for contrition because Facebook soon thereafter disabled his account.

At the moment, Chris is busy pleading for reinstatement. He has sent Facebook the following emails to state his case:

Email 1


My Facebook account, registered with this email account [EMAIL ADDRESS REMOVED] has been disabled.

I’m not going to argue that I didn’t violate terms of use, only that I did so unknowingly and in completely good faith.

Please allow me to explain my activity that led to the disabling. I am admin of a group called Rogue Facebook Apps Early Warning Group. I wished to send an invite to members to a group event I’d created in which information about facebook security issues was shared, containing links to a site that after personal contact with the author I am satisfied is legitimate and non-threatening.

Here is the link I shared: http://theharmonyguy.com/2009/06/22/illustrating-facebook-privacy-problems/

Due to the size of the group, it was impossible to send a group invite, so I decided to personally message members of the group who had posted on the wall. My reasoning was that they were voluntary members of the group and so this was probably an acceptable course of action. Obviously I was wrong about that.

I have been corresponding recently with Ryan Merket of Facebook platform team about the group. Hopefully he will be able to vouch for my good intentions.

I assume that somebody to whom I sent a message has reported my activity as spam. I can certainly see, in light of what has happened, that it could be construed as such but my intention was to share information about Facebook security awareness, and absolutely not to trouble anyone at all.

Please reinstate my account. I run a small business, promoting music in my local area, and my business will suffer if I can’t use facebook for that purpose.

Yours contritely

Chris Almond

Email 2


I wrote the other day about how I’d shared a link with members of the Facebook group I co-administrate, and how that action has led to the disabling of my Facebook account registered with [EMAIL ADDRESS REMOVED]

I don’t know if the manner in which I distributed the message or its contents were the main transgressions in your opinion. I accept that by duplicating a message I triggered an automatic spam alert, and I sincerely regret that particular course of action. Please note, I stopped sending the messages as soon as the first warning appeared.

The link itself was to a hack, described here by its author http://theharmonyguy.com/2009/06/24/facebook-attack-technical-details/

The purpose of the Facebook group I help to run, Rogue Facebook Apps Early Warning Group, is to spread awareness about the weaknesses in Facebook platform that allow unscrupulous Facebook app developers to access users’ private information without their explicit authorisation. I am not a hacker, nor particularly technically informed in that area, but I am somebody who is concerned by the implications of such weaknesses. Neither am I, as my group co-admin erroneously stated in an email to you yesterday, working with theharmonyguy. I merely follow his work and believe that the kind of activism he engages in is an honorable, and practical way, of encouraging greater security on Facebook.

A hallmark of my personal experience of Facebook is the worrying amount of applications that find their way onto my account without my permission. Error Check System, the notorious app attack of February 2009 that led to the formation of our group, was merely one of the most aggressive, visible, and widely remarked-upon.

I don’t publish sensitive personal info on my account, but many do, and I believe it is legitimate behavior to be proactive in spreading awareness of the issue.

Having accepted that the sending of duplicate messages is in contravention of the Facebook terms of use, I must say it is intolerable that I have been singled out for suppression when, over the course of my time using Facebook I have seen many groups containing material that by any reasonable assessment is racist, homophobic, or in some other regard hate-filled and offensive, and whose admins are allowed to continue their activities.

I am not a spammer. I have never, before this incident, done anything that could be viewed as spamming. I accept that I was naïve in the way I went about promoting the activities of my group. I do not think that what I did warrants permanent expulsion from the Facebook community, and I hope you will agree.

Yours sincerely

Chris Almond

What Do You Think?

So is this a clear-cut case of a Facebook TOS violation being acted upon? Or was Facebook just looking for an excuse to shut this group down? Surely they couldn’t have liked the fact that Facebook users were using their very own platform to share news and links about ways to attack Facebook! Still, there wasn’t anything Facebook could do about it…unless somebody crossed the line, of course.

Luckily for us, Facebook has not yet succeeded in completely destroying this group. The Rogue Apps Early Warning group itself lives on thanks to co-admin, Stuart Forbes, who is now in charge of the group’s activities. Chris’s account is currently still suspended.

UPDATE: After this article was published, Facebook reactivated Chris’s account.
