(ZDNet) Over the last few days, Facebook users have been experiencing a flood of links, videos, and imagesdepicting pornography, acts of violence, self-mutilation, and bestiality. Facebook confirmed the NSFW problem with me this morning and now, this afternoon, is offering more details. In short, Facebook says it was hit by a coordinated spam attack leveraging a browser vulnerability.
Some members of the social network are complaining about violent and/or pornographic pictures showing up in their News Feeds without their knowledge that they have allegedly Liked. Others are being told by their friends that they are sending requests to click on links to videos, sending out bogus chat messages, or writing mass messages and tagged photos leading people to believe they are in the link. If you are affected by this, please see Facebook virus or account hacked? Here’s how to fix it.
Palo Alto says it has been shutting down the malicious Pages and accounts that attempt to exploit this flaw and has been giving users guidance on how to protect themselves. Overall, the company claims it has managed to drastically reduce the rate of the attack, but wouldn’t elaborate with actual numbers.
“Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms,” a Facebook spokesperson said in a statement. “Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.”
Users are unsurprisingly outraged, and as is typical with Facebook members, many are already threatening to close their accounts. I personally have not seen any such Facebook activity on my own profile, and neither have my friends. Still, although the service’s users complain about a lot of small things, this is not one of them. That being said, it’s still not known how many of the site’s 800 million active users are affected.
Some have blamed the hacktivist group Anonymous, which was rumored to be planning to take down the social network on November 5, for this attack. Three months ago, the larger collective group made a point to say it did not support such a takedown operation and in the end it did not take place: the service has remained operational all month.
Facebook is still up and running, but it has been exploited in a coordinated way. There is no proof that Anonymous is behind this flood of inappropriate images and links (normally such an attack would result in confirmation from Anonymous, in some shape or form), but it only takes a few members or ex-members to pull something like this off.
This is a developing story: I will continue updating you as Facebook’s investigation progresses.
- Facebook warns of recent wave of spam (seattletimes.nwsource.com)
- Facebook Says Users Tricked Into Sharing Spam (foxnews.com)
- Facebook Fights Flood of Violent and Pornographic Spam (mashable.com)
- Official: Facebook filth flood nowt to do with Fawkes virus (go.theregister.com)
- Facebook Porn Attack of the Day (geeks.thedailywh.at)
- Porn spam attack hits Facebook (independent.co.uk)
- Facebook confirms nasty porn storm (hazima.wordpress.com)
- Facebook comments on Porn and Violence Spam attacks (slashgear.com)
- Facebook explains pornographic shock spam, hints at browser vulnerability (nakedsecurity.sophos.com)
- Facebook warns of recent wave of spam (seattlepi.com)