Digital TrendsTechnology news and Product Reviews

Facebook: Browser bug, not Anonymous, behind sex and violence spam attack

Andrew Couts By

Facebook's problem with spam that spread images of graphic violence and hardcore pornography was the result of browser vulnerability, the company says. Hacker collective Anonymous was not behind the attack, which is now mostly under control.

 facebook-shutterstockFacebook says that the flood of images depicting graphic sex and violence that engulfed many of its users over the past 24 hours was the result of a “coordinated spam attack.” The success of the attack was due to a browser vulnerability, the company said. In addition, a Facebook official tells the BBC that hacktivist group Anonymous, who some have blamed for the attack, was not in any way responsible.

A Facebook spokesperson says the company has the wave of spam mostly under control. We have received confirmation from multiple readers who were affected that the disturbing images are no longer appearing in their News Feed. The company also says that no user data was compromised as a result of the attack.

“During this spam attack users were tricked into pasting and executing malicious JavaScript in their browser URL bar causing them to unknowingly share this offensive content. No user data or accounts were compromised during this attack,” a Facebook spokesperson told InformationWeek. “Our engineers have been working diligently on this self-XSS vulnerability in the browser.”

So far, Facebook has declined to give details about which browsers contained the vulnerability that led to the attack.

Prior to Facebook’s clarification on the matter, some speculated that loose-knit hacker collective Anonymous was behind the attack. Last month, high-profile members of the group denied that there was a concerted plan to take down the popular social network, after an Anonymous-branded video proclaimed as much.

While this appears to be the case, some Anonymous members have reportedly unleashed a different attack, known as the “Fawkes virus” (in reference to 17th century anti-governement terrorist Guy Fawkes, who serves as the group’s mascot).

This past weekend, Internet security company Bitdefender said it had discovered the Fawkes virus using its Safego social media anti-virus tool. George Petre, head of social media security research for Bitdefender told us yesterday via email that it did not believe Anonymous was connected to the spam attack because “Anonymous would use something more sophisticated.”

[Image via 1000 Words/Shutterstock.com]

In Case You Missed It:

Showing 3 comments

  1. Phil Winkel at 2:49pm 16th November 2011 Chrome is nice, but if you're dumb enough to copy and paste [malicious] javascript into your browsers URL bar and execute it, it doesn't really matter what browser you're using.
  2. smparmenter at 10:38am 16th November 2011 Chrome to the rescue?... ;)
  3. Sean Michael Parmenter at 6:37pm 16th November 2011 I'm glad I use Chrome... ;)
Close Suggestion Microsoft working on its own social network Socl
View Article