Social media

Friendster is back! Or is it…?

Over the last few weeks, large numbers of social media fans have signed up to sites and apps like Cohost, Hive, and Mastodon. However, this urge strike out to new and unused places may be crossing over into nostalgia territory—a place that’s ripe for exploitation.

Think of all the fond memories you have of services like MSN Messenger, AIM, Myspace, and more. Wouldn’t you love to go back? Wouldn’t it be great if one of those services somehow rose from the grave or went back to the way they were, just as you remember them?

There’s a good chance you’d sign up for old time’s sake and see how things have changed or even stayed the same, right? But before you make the leap, just one question: Is the freshly resurrected site the real deal?

A genuine friend?

Hands up if you remember Friendster. Launched in 2003, by the time it turned into a social gaming platform in 2011 it had somewhere in the region of 115 million users. The shutters finally came down in 2018, a sad end for a once popular social space.

Well, the site has returned…sort of.

Launched with little to no fanfare, it seems odd that such a major site would make a comeback in this way. The portal currently claiming to be Friendster shows somewhere in the region of 7,000 registered users. The front page is a sparse collection of updates, mostly along the lines of person X is now connected to person Y. It’s like you’re looking at someone’s Facebook feed and not the front page of a major new site relaunch.

There are several warnings about the site already in circulation. One notes that the registration process is tied to WordPress instead of some sort of custom social media platform. As the linked article notes, this would perhaps explain why the site is slow for many users.

Further warnings

Now, CERT-PH has issued an additional warning about the site, tied to suspicions related to phishing activity:

“Upon initial investigation, the current IP address hosting the website had previous reports about phishing, brute force, and DDoS attacks, hacking, and host exploitations. The link uses a non-popular top-level domain. Also, it does not include an “About Us” page which could tell who developed the website”.

So far, then, we have suspicions of data harvesting via sign ups, and worries of phishing and potentially suspicious hosting. The advice from all fronts is “Don’t risk it”. It’s possible the site has been thrown together by a well meaning and vaguely nostalgic fan of the original service. Probably not the worst thing that someone could do, though they’re likely going to regret trying to do all of this via WordPress.

You (probably) can’t go home again

These are strange and unsettled times in social media land at the moment. With so many people branching out into parts unknown, well meaning imitations (if that’s what they turn out to be) are most definitely popping up at the worst time imaginable.

Our advice is the same as that given above. No matter how fond your memories of old school services, resist the temptation to sign up to sites popping up out of the blue. You have no real idea who’s behind it, what their plan is, or what they’re going to do with your data. It might be entirely innocent, if misguided; on the other hand, it could end up being considerably worse. Close that sign up tab, and save yourself a future headache.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.