On Monday, Facebook acknowledged the disturbing and often pornographic image spam that flooded some users’ news feeds, blaming a browser vulnerability for the attack. However, the issue raised new concerns about privacy and how easy it might be for hackers to get a user’s information from their Facebook page.
According to The BBC, Facebook said that the attackers took advantage of a “self-XSS vulnerability in the browser... During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content.”
The company also reassured users that user data and accounts were not hacked into or compromised.
The images included in the attack showed celebrities such as Justin Bieber photoshopped into sexual situations, as well as pictures of abused dogs, according to Naked Security. Facebook users went to Twitter to complain about the images.
The Inquirer notes that it had been speculated that hacker group Anonymous could have been behind it, but senior social media security researcher George Lucian told the site that the attack did not follow their patterns. Anonymous has used their Fawkes virus in the past, but “These are ordinary scams and we believe Anonymous would use something more sophisticated. We expect the Fawkes virus to be something related to malware, and to have complex mechanisms,” Lucian said.
Even though Facebook has said that no user data was hacked into, there are still concerns that if Facebook was vulnerable to this attack, it could be just as easy for attackers to get at user data. Experts told The Washington Post that it is likely that another attack could involve sending out false messages claiming to be from family members, tricking users into giving up personal information.
Daimon Geopfert, a security expert for RSM McGladrey, told the Post that just the fact that Facebook was attacked could damage its brand. Chester Wisniewski, a security researcher at Sophos, added that Facebook could be doing more, but has sacrificed security in the name of convenience.