Facebook red-faced again after 'prom' hack

Profane wall message continues to spread malicious code

Facebook is again finding itself in the middle of a maelstrom of negative attention regarding security breaches, the latest being malicious code delivered via a profanity-laden, continuously posting wall message urging individuals to "Vote for Nicole Santos."

The message instructs recipients to click a "remove this app" link to get rid of the posts. However, clicking on the link actually enables a malicious script to access the user’s Facebook account and spread the script to friends’ accounts.

The vulnerability allowed individuals to post malicious code in comments, which were then treated as URLs and allowed to spread, according to Facebook. The "Vote for" message has led to speculation that the hack is somehow related to prom season.

Even though Facebook quickly fixed the bug and is working to remove the wall posts from user accounts, the hoax has already spread rapidly through accounts and continues to do so when people click on the provided link, reported CNET.

Currently the only solution appears to be to avoid clicking on the link or any link asking you to verify your account, "as this may be how the hack gains access to your Facebook wall in the first place," reported TheNextWeb.

The breach is Facebook’s latest security-related embarrassment in the last few days. Earlier this week Symantec Corp. reported a years-old security breach on Facebook, a platform increasingly used by government agencies and employees, that could have compromised millions of accounts.

A study released this week also found that about a third of Facebook users, or 7.5 million individuals, are under the age of 13, despite the site’s rules and screening processes. In addition, Facebook executives admitted on May 12 that they were behind a Google smear campaign calling Google’s privacy policy into question.

About the Author

Kathleen Hickey is a freelance writer for GCN.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected