Facebook red-faced again after 'prom' hack

Profane wall message continues to spread malicious code

Facebook is again finding itself in the middle of a maelstrom of negative attention regarding security breaches, the latest being malicious code delivered via a profanity-laden, continuously posting wall message urging individuals to "Vote for Nicole Santos."

The message instructs recipients to click a "remove this app" link to get rid of the posts. However, clicking on the link actually enables a malicious script to access the user’s Facebook account and spread the script to friends’ accounts.

The vulnerability allowed individuals to post malicious code in comments, which were then treated as URLs and allowed to spread, according to Facebook. The "Vote for" message has led to speculation that the hack is somehow related to prom season.

Even though Facebook quickly fixed the bug and is working to remove the wall posts from user accounts, the hoax has already spread rapidly through accounts and continues to do so when people click on the provided link, reported CNET.

Currently the only solution appears to be to avoid clicking on the link or any link asking you to verify your account, "as this may be how the hack gains access to your Facebook wall in the first place," reported TheNextWeb.

The breach is Facebook’s latest security-related embarrassment in the last few days. Earlier this week Symantec Corp. reported a years-old security breach on Facebook, a platform increasingly used by government agencies and employees, that could have compromised millions of accounts.

A study released this week also found that about a third of Facebook users, or 7.5 million individuals, are under the age of 13, despite the site’s rules and screening processes. In addition, Facebook executives admitted on May 12 that they were behind a Google smear campaign calling Google’s privacy policy into question.

About the Author

Kathleen Hickey is a freelance writer for GCN.
