Facebook Users Subjected to Loads of Porn Spam

See no evilFor some people, the last thing they expect or want to see when they log onto Facebook are lewd and provocative sexual images posted on their news feeds. A mix of embarrassment, disgust, and shock can fill a person, especially when that person happens to be using Facebook at work. Nevertheless, that is exactly what many Facebook users have been experiencing this month.

According to Graham Cluley of the antivirus firm Sophos, attackers are using “clickjacking” to insert malicious code into a user’s browser. When a user goes to what seems like a normal website and clicks on a button, the clickjacking code covers the actual button with an invisible layer. Most users do not even know they have been jacked.

Facebook representatives announced Tuesday that they had identified the methods the hackers were using to exploit Facebook pages and called it a “self-XSS browser vulnerability”. XSS, which stands for cross-site-scripting, usually takes advantage of vulnerabilities in software to insert malware, or even take control of the unsuspecting server or PC. In this case, the self-XSS may bait the user with promises of free giveaways or “exclusive” videos that they cannot resist clicking.

According to Sophos, the exploit requires the user to copy and paste a Javascript code into the browser’s address bar, an exploit which Google Chrome and Mozilla Firefox had already fixed. Sophos testers were able to easily execute javascript code from the Internet Explorer 8 and 9 address bar, but Facebook did not specify which browsers were affected by the spamming.

Facebook reportedly took steps to prevent self-XSS attacks after the Bin Laden spam that hit the social network’s news feeds last spring. Now it appears those security measures were not enough.

Top Public Relations News:

Customs Agents Stand Against Court Decision – the PR of a Government Divided Against Itself

Customs Agents Stand Against Court Decision – the PR of a Government Divided Against Itself

Pennsylvania Turnpike Commission Issues Public Relations RFP

Pennsylvania Turnpike Commission Issues Public Relations RFP

United Nations High Commissioner for Refugees Issues RFP For Digital Media

United Nations High Commissioner for Refugees Issues RFP For Digital Media

French/West/Vaughan Announces Six New Hires & Three Promotions

French/West/Vaughan Announces Six New Hires & Three Promotions

Emerging Trends in PR Firms Shaping the Marketing World

Emerging Trends in PR Firms Shaping the Marketing World

Q & A With CEO of Carve Communications

Q & A With CEO of Carve Communications

Social Media Users Can Earn Money, Must Disclose Ads

Social Media Users Can Earn Money, Must Disclose Ads

Word Artists: Mel Bochner, Barbara Kruger Making a Statement on Canvas or Otherwise

Word Artists: Mel Bochner, Barbara Kruger Making a Statement on Canvas or Otherwise

Greater Williamsburg Is Seeking A PR Agency

Greater Williamsburg Is Seeking A PR Agency

The Dershowitz Group: Leader in Representing Conservatism

The Dershowitz Group: Leader in Representing Conservatism

Leave a Reply

Your email address will not be published. Required fields are marked *