Facebook identifies porn spam perpetrators

Facebook said it has identified many of those responsible for a wave of pornographic content that showed up on users' news feeds this week.

Those behind the coordinated spam attack, which began on Monday, leveraged a cross-site scripting (XSS) web browser vulnerability to flood Facebook news feeds with explicit and pornographic material, including images depicting acts of violence, self-mutilation and bestiality. The attackers managed to trick users into pasting and executing malicious JavaScript in their web browser URL bar, causing them to unknowingly share the offensive content, Facebook said in a statement sent to SCMagazineUS.com.

No user accounts or data were compromised during the attack.

The social media giant is “pursuing the appropriate action” against those responsible for the campaign, a Facebook spokesman told SCMagazineUS.com on Friday. He declined to provide any additional details.

Facebook described the issue as a “self-XSS,” meaning users themselves had to execute the code needed to launch the attacks, as opposed to a traditional XSS attack, which involves malicious code being injected directly into a website. Users may have been told to paste the code into their browser to win some type of prize or sweepstakes, Chester Wisniewski, senior security adviser at security firm Sophos, wrote in a blog post Wednesday.

“Considering that the flaw is not within Facebook's website, it appears to have been rather difficult for them to respond to this threat,” Wisniewski added.

It is not known which web browser is vulnerable. Until it is fixed, the same flaw could potentially be used in attacks against other sites, he warned.

Facebook, meanwhile, said it has put in place mechanisms to quickly shut down the malicious pages and accounts that attempt to exploit the flaw, and is providing security education to affected users. As well, it has put in place back-end measures to reduce the rate of such attacks.

By now, most of the offensive spam has been eliminated. Facebook said it is working to improve its systems to prevent a similar attack from recurring.

Many users this week took to Twitter to express their frustration over the explicit content. Some users said they were planning to deactivate their accounts over the issue. 

“Seeing a dead dog on my Facebook newsfeed,” one user wrote in a Tweet. “Officially deactivating it.”

Some have speculated that the hacktivist collective Anonymous is behind the attack, though the group has not taken credit for it.
