What users of this app don’t see, however, is that there are some evil (if in the wrong hands) things going on behind the scenes. The research paper gets a little complicated, but PC World sums it up nicely:

In the background, every time the application is clicked, it sends a 600 K-byte HTTP request for images to a victim’s Web site.

Those requests, as well as those images, are not seen by someone using Photo of the Day, which the researchers have termed a "Facebot" application. The effect is a flood of traffic to the victim’s Web site, known as a denial-of-service attack.

According to the researchers, a "facebot" application could grab personal details from a user’s Facebook account and post them to a remote server. This should make application users feel a little uneasy, particularly those who like their privacy.

Ryan Singel at Wired says, "Now, coders who control a really popular social networking app aren’t likely to jeopardize their oil well for a prank, but it would not be hard for a slightly popular application to become rogue without anyone ever knowing or being able to figure out it was happening."

The research paper points out that Facebook could prevent such applications from appearing on the social network. They would have to make sure that the apps didn’t interact with outside hosts.

Social network security is probably going to be an increasingly important topic as social media continues to gain popularity, and see widespread use among more platforms. Social networks are being integrated more with mobile devices, blogs, and business web sites, and this is where trouble could really start to snowball.