Facebook comments on Porn and Violence Spam attacks

Nov 15, 2011
12
Facebook comments on Porn and Violence Spam attacks

This week it would appear that Facebook was the victim of a rather unsettling security breach where loads of violent and/or pornographic images were strewn across users feeds, these attacks commented on late in the dar on Tuesday by the company. Facebook has sent out a statement which points to a browser vulnerability as the culprit and note that they're currently investigating to find out who is responsible for the whole situation. Unsavory images, video, and links have flooded in on your average everyday friend's streams and in most cases, they've got no idea.

Currently Facebook is shutting down handfuls of malicious Pages and accounts that appear to have been taking part in the attack. In general it appears that Facebook users were in one way or another tricked into pasting and executing a Javascript code which then took their Facebook accounts for quite a ride down sharing lane. Of course users affected have only to change their password, run a virus scan on their computer if they believe it's that kind of bug, and check through their Facebook apps to find any they might not have added themselves (or were unaware that they added, in this case). Have a peek at Facebook's statement on the matter here:

"Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms. Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.

During this spam attack users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. Our engineers have been working diligently on this self-XSS vulnerability in the browser. We’ve built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people." - Facebook

If you feel as though you've been affected by the attack in question or have witnessed some nasty images / video / links in your news feed, report it to Facebook immediately and be sure to take another peek at your security settings to make sure you've got nothing unwanted sitting around, specifically in your apps.


Must Read Bits & Bytes