Facebook users hit by hardcore porn, violence and animal abuse images

[Jack]

Explicit and violent images have flooded the newsfeeds of many Facebook users in the last 24 hours or so.

The content, which includes explicit hardcore porn images, photoshopped photos of celebrities such as Justin Bieber in sexual situations, pictures of extreme violence and even a photograph of an abused dog, have been distributed via the site - seemingly without the knowledge of users.

Some Facebook users vented their annoyance on Twitter, with some claiming they would deactivate their Facebook accounts as a result:

It isn't presently clear precisely how the offending content has been spread - whether users are falling for a clickjacking scheme, are being tagged in content without their knowledge, have poorly chosen privacy settings, have been tricked into installing malicious code, or have fallen victim to another vulnerability inside Facebook itself. What's clear, however, is that mischief-makers are upsetting many Facebook users and making the social networking site far from a family-friendly place.

Reporters at Gawker have speculated that hackers associated with Anonymous may be responsible for the attack, but that is unconfirmed.

So, it seems highly offensive spam content has successfully spread via Facebook for 24 hours or more. It's precisely this kind of problem which is likely to drive people away from the site. Facebook needs to get a handle on this problem quickly, and prevent it from happening on such a scale again.

Read more

 

[AyeAyeCaptain]

They'll need to act fast as I know I'm getting angry about how they let such things slip through the net. I know what to click and what not to click on and feel when I report the link/app in question that not much is done when reported.

 

[Deleted member 178]

Anonymous attack

 

[win7holic]

I never get a picture like that.
attacks is everywhere.

 

[Jack]

Facebook explains pornographic shock spam, hints at browser vulnerability

Facebook have acknowledged the spam attack that began slightly more than a day ago explaining what was causing users to see pornographic and other disturbing photos on their friends walls.

According to Facebook's statement the people behind the attack are exploiting a browser vulnerability that allows "self-XSS". XSS is shorthand in security circles for cross-site scripting.

What does this mean? Cross-site scripting essentially allows an attacker to execute JavaScript code in your browser that can access and control the website you are interacting with.

Facebook says that users were being enticed to copy and paste the offending JavaScript into their address/location bar in the affected web browser. We do not know which browser is vulnerable at this time.

What would compel someone to copy and paste malicious JavaScript into their browser? Usually it is related to a giveaway, contest or sweepstakes for some fantastic prize, and to qualify you need to paste this magic code into your browser.

Considering that the flaw is not within Facebook's website it appears to have been rather difficult for them to respond to this threat.

They state that they are working diligently to determine the behavior on peoples accounts when they fall victim and to roll back and delete any malicious changes.

Read more

 

[jamescv7]

I didn't encounter an images related to porn or animal abuse image. In fact I just saw before a related like a Hoax message probably related to hackers posting images that were pornographic without the consent of the user probably.

 

[WinAndLinuxTutorials]

I have a question, I found that there is a page liked in my account, but I didn't even visit it and pressed like. Is my account compromised?

 

[MrXidus]

I have a question, I found that there is a page liked in my account, but I didn't even visit it and pressed like. Is my account compromised?

Change your password, Better to be safe then sorry.

 

[moonshine]

I've heard from my friends that they all saw this stuff but I never saw one myself actually 'cause my Facebook Account is locked down for maximum privacy and security.

 

[jamescv7]

Even my classmate didn't encounter any explicit image, even in my news feed so it means the widespread may vary only.

 

[WinAndLinuxTutorials]

I have a question, I found that there is a page liked in my account, but I didn't even visit it and pressed like. Is my account compromised?

Change your password, Better to be safe then sorry.

Strange. The password was more than 30 characters and its strength was best, and I don't give my password to anyone. Anyway I will change it.

 

[illumination]

I have a question, I found that there is a page liked in my account, but I didn't even visit it and pressed like. Is my account compromised?

It depends if it is a "group" or not, as other users on your friends list can "add" you to their groups without you having to click anything...