Feeds

Facebook vows 'consequences' for extreme porn scammers

Responsible parties already identified

Choosing a cloud hosting partner with confidence

Updated Facebook officials have tracked down the scammers responsible for deluging the social network with images depicting bestiality, self-mutilation and other depravity and is vowing to seek swift justice.

As previously reported, Facebook has blamed the torrent of extreme smut on a "self-XSS vulnerability in the browser" that tricked users into pasting and executing malicious javascript in their address bars and caused them to unknowingly share this offensive content. Many victims have reported that the highly offensive content is visible to others but not to the user whose account was used to spread it.

According to reports published by PCMag.com and ZDNet, Facebook officials have also figured out who is behind the attack. Both reports cited the same statement from a Facebook PR representative that says:

"In addition to the engineering teams that build tools to block spam we also have a dedicated enforcement team that has already identified those responsible and is working with our legal team to ensure appropriate consequences follow."

Neither report divulged the identity of the scammers or said if law enforcement agencies have been called in to investigate.

When The Register asked Facebook representatives for confirmation, one of them responded with a statement that read: "We've identified the responsible parties and are pursuing legal action at this time."

Facebook's enforcement team has already taken a tough stance against spamming. In 2009, it sued serial spammer Sanford Wallace and two associates for spamming members with wall posts that posed as messages from their friends. The social network was eventually awarded $711 million in the case. Earlier this year, Wallace was criminally charged with hacking more than 500,000 Facebook accounts.

Facebook has sued other alleged spammers as well.

Facebook has yet to elaborate on key details of the ongoing attack. It's still unknown if the cross-site scripting vulnerability is unique to a particular browser and how many of its 800 million users have been affected.

Security firm Zscaler has a primer on self-inflicted JavaScript injection here. In the post, researcher Mike Geide said the most common ploy in the ongoing deluge comes from malicious Facebook groups that ask users to join and then enter JavaScript into their URL bar.

The scripts contain obfuscated code that generates invite messages to all of a user's Facebook friends and includes an invisible link to hxxp://aagmphxa.facebook.joyent.us/goog/index1.php. The URL no longer works. ®

This post was updated to add comment from Facebook and details from Zscaler.

Follow @dangoodin001 on Twitter.

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.