Exploit turns Facebook into a haven for gory, violent and pornographic images

If you’re wondering why we’ve chosen the impossibly cute photo of five-week-old kitten Link as eye bleach for this post’s art, it’s because an increasing number of eyeballs that frequent Facebook could use it.

Many of the giant social network’s 800 million active users have found a flood of pornographic and gory images popping up on their news feed lately.

The reason for this is a linkspam virus (under the guise of celebrity news about Kim Kardashian — among others) that’s exploiting Facebook’s new media-rich Timeline upgrade. When users click a malicious link, it turns their news feed into a stream of pornographic, gory, violent and/or just plain unpleasant images.

It’s unclear who is to blame for the linkspam attacks, although many are pointing the finger at online hacktivist group Anonymous. Facebook isn’t saying much about the incident, but the company did send us the following statement:

“Protecting the people who use Facebook from spam and malicious content is a top priority for us and we are always working to improve our systems to isolate and remove material that violates our terms. We have recently experienced an increase in reports and we are investigating and addressing the issue.”

Have you experienced unpleasant images in your news feed due to the recent linkspam virus? Leave us a comment below.

Update – 1:10pm (PT): Facebook sent us another statement with some additional information about the exploit.

Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.    During this spam attack users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. Our engineers have been working diligently on this self-XSS vulnerability in the browser. We’ve built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.

[Photo via Reddit user HLef]


Are you making or losing money with marketing automation? VB is working with marketing expert Ian Cleary to investigate marketing automation ROI. Help us out by answering a few questions, and we'll help you out with the data.

Topics >

blog comments powered by Disqus