Feeds

Facebook says it's winning against Justin Bieber smut onslaught

Scrubs punters' walls clean of bogus celeb porn

Secure remote control for conventional and virtual desktops

Facebook said it is well on the way to cleaning up a noxious slurry of porn and pictures of dead animals left by a spam campaign that targeted users' walls this week.

The attack - which resulted in punters being greeted by an avalanche of photoshopped pornographic images of Justin Bieber - involved tricking users into pasting rogue JavaScript code into their browsers.

As previously reported, Facebook described the mechanism of the attack as a self-inflicted XSS vulnerability. The social network says it managed to eliminate most of the rogue status updates by Wednesday lunchtime.

In a statement, Facebook said:

We've built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves.

Initially it was suspected a purported member of Anonymous, who threatened to unleash a Koobface-style worm against the site, might be behind the attack. This theory has now been binned, and it now seems that cyber-crooks are behind the attack, which is likely to be financially motivated, possibly through means of driving traffic to dodgy shopping sites.

The attack is particularly unpleasant because Facebook tries to maintain a family-friendly environment for its teenage and adult users. Children under 13 are not allowed to open accounts.

The site is reportedly putting in place systems to prevent similar attacks in future. Security experts warns that other popular websites might be hit by similar outbreaks in future.

"The flaw being exploited could likely be used against other sites as well if users can be tricked into pasting malicious javascript into the browser," Chester Wisniewski, a senior security advisor at Sophos warned. ®

Intelligent flash storage arrays

More from The Register

next story
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
IBM, backing away from hardware? NEVER!
Don't be so sure, so-surers
Hey - who wants 4.8 TERABYTES almost AS FAST AS MEMORY?
China's Memblaze says they've got it in PCIe. Yow
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
This time it's SO REAL: Overcoming the open-source orgasm myth with TODO
If the web giants need it to work, hey, maybe it'll work
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
Storage array giants can use Azure to evacuate their back ends
Site Recovery can help to move snapshots around
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.