Facebook red-faced again after 'prom' hack
Profane wall message continues to spread malicious code
- By Kathleen Hickey
- May 13, 2011
Facebook is again finding itself in the middle of a maelstrom of negative attention regarding security breaches, the latest being malicious code delivered via a profanity-laden, continuously posting wall message urging individuals to "Vote for Nicole Santos."
The message instructs recipients to click a "remove this app" link to get rid of the posts. However, clicking on the link actually enables a malicious script to access the user’s Facebook account and spread the script to friends’ accounts.
The vulnerability allowed individuals to post malicious code in comments, which were then treated as URLs and allowed to spread, according to Facebook. The "Vote for" message has led to speculation that the hack is somehow related to prom season.
Even though Facebook quickly fixed the bug and is working to remove the wall posts from user accounts, the hoax has already spread rapidly through accounts and continues to do so when people click on the provided link, reported CNET.
Currently the only solution appears to be to avoid clicking on the link or any link asking you to verify your account, "as this may be how the hack gains access to your Facebook wall in the first place," reported TheNextWeb.
The breach is Facebook’s latest security-related embarrassment in the last few days. Earlier this week Symantec Corp. reported a years-old security breach on Facebook, a platform increasingly used by government agencies and employees, that could have compromised millions of accounts.