Money Matters - Simplified

Facebook eliminates malicious content after spam attack

Facebook is urging users to be vigilant and recommends a change in password, use of an up-to-date browser, tightening of privacy settings and running an antivirus scan to guard against further hacks.

Facebook said Wednesday that it has eliminated most of the spam that swamped users’ pages with graphic images of pornography and violence after a calculated malware campaign.

The attack, which began over the weekend, caused offensive content, including fake images of celebrities such as Justin Bieber in compromising positions and gory pictures of dead or abused animals, to pop up in Facebook news feeds.

Facebook said it has identified those behind the malicious spam attack and is preparing appropriate legal action.

Facebook spokesman Andrew Noyes told FoxNews, “We are always working to improve our systems to isolate and remove material that violates our terms. Protecting the people who use Facebook from spam and malicious content is a top priority for us.”

“The spam attack worked via a 'self-XSS vulnerability in the browser'. During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. No user data or accounts were compromised during this attack.” -- Facebook spokesman Andrew Noyes

Facebook users tricked
The flood of obscenity appears to be linked to a spam virus that spreads when users unknowingly give permission to post links, images and videos to their accounts.

The perpetrators hijacked Facebook accounts of unsuspecting users to push malicious content across the social network without their knowledge.

Noyes stated, “The spam attack worked via a 'self-XSS vulnerability in the browser'. During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. No user data or accounts were compromised during this attack.”

Some remedies offered
The flaw behind the deluge of disturbing images circulating on the social networking site has been more or less rectified, Facebook said. The security team working on the issue has built “enforcement mechanisms” to shut down malicious pages and accounts.

Meanwhile, they are also urging users to be vigilant and offering them advice to guard against further hacks.

Some recommendations include a change in password, use of an up-to-date browser, tightening of privacy settings and to run an antivirus scan.

A Facebook spokesman told the Wall Street Journal, “We have also been putting those affected through educational checkpoints so they know how to protect themselves. We've put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.”