Spammers have taken advantage of a vulnerability in Facebook to spread auto-replicating links, a trick that makes it possible to spread crud without using social engineering.

Simply clicking on any application spam links was enough to "share" the application to the user's wall, net security firm F-Secure explains, adding that the links had stopped working by late on Monday.

While Facebook has contained this threat, others along the same lines are likely to follow, not least because spammers have taken to web 2.0 sites as channels for crud promotion or (increasingly) to distribute survey scams.

For example, comment spam promoting a survey that supposedly offered an iPad as a prize for completion was brazenly posted to a YouTube channel maintained by Sophos earlier this week, as illustrated by a blog post here. ®

Related stories

• Analysis Facebook defends security strategy (21 January 2011)
• Parent-thwarting bypass tool takes kids to internet badlands (24 November 2010)
• Facebook blames outage on internal config flaw (24 September 2010)
• Spammers latch onto Ping to pump iPhone survey scams (3 September 2010)
• Survey scammers serve up supposed shelter from survey scams (1 September 2010)
• Survey scammers exploit Facebook dislike lure (16 August 2010)
• Flaw lets hackers delete Facebook friends (21 May 2010)
• Dodgy Facebook pages used to power 'spam a friend' joke scam (10 May 2010)