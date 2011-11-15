* Users tricked into sharing offensive content -Facebook
* Spam attack focused on Internet browser vulnerability
(Adds details of spam attack)
By Alistair Barr
Nov 15 Facebook Inc said on Tuesday that it is
investigating a rash of unsolicited graphic images that hit
some users' accounts this week.
The images, Internet links and videos depicting pornography
and violence have hit some people's Facebook newsfeeds in
recent days.
"We experienced a coordinated spam attack that exploited a
browser vulnerability," Facebook spokesman Andrew Noyes said in
a statement emailed to Reuters. "Our efforts have drastically
limited the damage caused by this attack, and we are now in the
process of investigating to identify those responsible."
Facebook does not know yet who was behind the attack and a
motive was not clear, Noyes added during an interview with
Reuters.
Facebook users were tricked into pasting and executing
"malicious" javascript in their browser URL bar, which led to
them unknowingly sharing the content, Noyes explained.
Facebook engineers have been working to reduce this browser
vulnerability, he added.
Facebook and other "Web 2.0" sites are easy targets for
such attacks because they pull in a lot of content from outside
sources, according to Paul Ferguson, senior threat researcher
at Trend Micro Inc. (4704.T)
"It seems every other day there is some new Facebook
'threat,' but this is just the new reality of Web 2.0 and
social networking," Ferguson said. "It is 'low-hanging fruit'
for criminals."
(Reporting by Alistair Barr in San Francisco and Jim Finkle in
Boston, editing by Gerald E. McCormick and Matthew Lewis)