Facebook: Attack Identified, Most Spammed Porn Removed

(CNN) -- Facebook says a hack that exploited some Web browsers was responsible for a flood of porn, violent images and other graphic content that spread across the site over the past couple of days.

Spokesman Frederic Wolens said Facebook's security team had been working to identify the cause of the spam and that, by Tuesday afternoon, "we have eliminated most of the spam caused by this attack."

"We are now working to improve our systems to better defend against similar attacks in the future," Wolens said in an e-mail.

Earlier Tuesday, Graham Cluley, a consultant with Web security firm Sophos, said that "explicit and violent" images had been flooding the News Feeds of Facebook users for the past 24 hours or so.

Cluley wrote on the Sophos blog that the images included hardcore porn; photoshopped images of celebrities, including teen pop star Justin Bieber, in sexual positions; "extreme violence;" and at least one image of an abused dog.

"What's clear," Cluley wrote, "is that mischief-makers are upsetting many Facebook users and making the social networking site far from a family-friendly place."

Several CNN.com staffers reported seeing some of the images by Tuesday morning.

Facebook's Wolens said that users were tricked into pasting malicious script into their browser URL bars, causing them to unknowingly share the offensive content.

He said no data or account information was compromised during the attack.

The blog AllFacebook reported that the social-media giant had been quietly taking down the images for most of the day Tuesday.

Writer Jackie Cohen said a request for comment on the images merely got a reply thanking her for "flagging" the images.

"The fact that these photos spread for as long as 48 hours unchecked [shows] how much Facebook relies on individual users to flag inappropriate content: people were commenting on the images more than flagging them," she wrote.

Users were, understandably, distraught.

"Seeing a dead dog on my Facebook news feed ........ Officially deactivating it," said one Twitter user in a post collected by Sophos.

"I saw a dead dog, Justin Bieber [performing a sex act] and a naked grandma," said another. "Time to delete facebook."

The Facebook statement said the site has built a mechanism to shut down pages sharing the links and contacted people affected by the attack with information about how to protect themselves.

The site advised users never to copy and paste unknown code into their browser bars, always use up-to-date browsers and use the "Report" links on Facebook to report suspicious activity when they see it.

Facebook did not say anything about who may have been behind the attacks.

With questions still abounding, speculation on the Web turned -- as it often does in online hacking cases -- to the controversial "hacktivist" collective Anonymous.

A group claiming allegiance to Anonymous announced it was going to make November 5 "Kill Facebook Day." That day came and went with little noticeable activity.

But last week, an Anonymous-affiliated group announced in a YouTube video that it had created the "Fawkes virus," a sophisticated tool that would attack Facebook.

A handful of Twitter feeds widely acknowledged as being run by Anonymous members had made no mention of the Facebook posts Tuesday morning.

At least two members had previously distanced themselves from Operation Facebook, saying it was doomed to fail and that Anonymous is not a cohesive group with unanimously approved goals.

"Using a simple Facebook account, the worm can be carried into other accounts with little or no interaction," an automated voice says in the video posted on the account "AnonSecurity157." "We did not expect the intensity with which this would spread."

The video claims the worm can be controlled remotely and that once it's fully understood it "will use this to its advantage against corruption."
