Quantcast

UPDATE: Facebook’s Porn Spam Due To “Attack That Exploited A Browser Vulnerability”

Facebook is curbing the flow of porn, gore on the site

Get the WebProNews Newsletter:


UPDATE: Facebook’s Porn Spam Due To “Attack That Exploited A Browser Vulnerability”
[ Social Media]

Our global nightmare might not be totally over, but at least it’s in the process of coming to an end. The flood of penises, dead babies, bloodied corpses and photoshopped Justin Bieber pics is being turned off by the folks at Facebook.

On Monday, users began complaining that Facebook had turned into a porn site – saying that their news feeds were inundated with hardcore images. As the images spread, users began reporting violent pictures and gory images of animal abuse. The images were popping up on people’s feeds, claiming to have been posted by friends – although people had no idea that they were propagating the content.

Facebook has issued a brief statement, blaming the spread of graphic images on a “coordinated spam attack that exploited a browser vulnerability.” The specifics involved oblivious users adding “malicious javascript in the browser URL.”

Here’s the full statement:

Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms. Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.

During this spam attack users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. Our engineers have been working diligently on this self-XSS vulnerability in the browser. We’ve built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it.

We have also been putting those affected through educational checkpoints so they know how to protect themselves. We’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defences to find new ways to protect people.

So Facebook is limiting users’ exposure to the penises – which is good. Users were a little more than incensed over the spam. Of course, spam attacks aren’t anything new to Facebook – but this one appeared to be particularly malicious.

While Facebook cleans up this latest mess, it doesn’t hurt to talk about what you the users can do to prevent stuff like this from happening.

First and most importantly, stop clicking on stupid links. Have an eye for stuff that sounds out of character for your friends to post. Anything that offers you a look into something private, or contains any of the phrases “OMG” or “I can’t believe this” might be a clickjacking scam. If a link offers to tell you how many people have looked at your profile page, for the love of god, don’t click it.

If you do find that you have fallen victim to something like this, it doesn’t hurt to change your password. And make sure that your privacy settings are set pretty tight on who can tag you in a photo.

Of course, if your friends fall victim to these spam attacks, you might not be able to stop the flood of unwanted imagery from hitting your news feed. Hopefully, with a little help from Facebook’s security team and a little more common sense from users, we can make this kind of thing happen less frequently.

UPDATE: Facebook’s Porn Spam Due To “Attack That Exploited A Browser Vulnerability”
Top Rated White Papers and Resources
  • http://tinyurl.com/portlandwindowcleaning Michael

    I read this very closely. I didnt click on anything form anyone and still my friends were sent some of this garbage.

  • http://www.moxby.org.uk/seo-inverness-scotland.html Martin Oxby – SEO

    I have to say I agree wholeheartedly with the advice to stop clicking stupid links.

    What spammers in general have taken advantage of is users’ trust in firstly, Facebook itself (which isn’t invincible) and secondly in their friends, without considering if what their “friends” appear to be posting is normal or not.

    Fortunately I didn’t see any of this, but I am glad to hear others’ nightmares should have now been dealt with.

  • Paul in NJ

    The article doesn’t say *which* browser has the “browser vulnerability”, but one can guess (*cough* IE *cough*).

    I don’t have that problem with Opera.

    And, yes, those who click on “stupid links” are pretty much asking for it.

  • Paul Klimes

    people who click these links saying you’re in this funny video are just plain retarded. Up until today I haven’t seen any of the spam. But most of my friends are the stupid bitches from my high school looking at these links of the “dead Bieber” maybe if people would act just a bit smarter we could get rid of the spam once and for all

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom