Flood of Filth Turns Facebook News Feeds Into Open Sewers
Nov 15, 2011 12:22 PM PT
Many Facebook users have complained recently about a spam flood of a most unsavory nature.
Some say pornographic images and images depicting extreme violence -- sometimes both -- are showing up in their News Feeds without their consent. Others say their accounts are being used to send friends links to explicit videos and other messages.
The attacks once again highlight the ongoing war between Facebook and hackers.
"We have recently experienced an increase in reports and we are investigating and addressing the issue," Facebook spokesperson Gwendolyn Belomy told TechNewsWorld.
"Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms," Belomy added.
The social networking site needs to do more, contended Rob Enderle, principal analyst at the Enderle Group.
"This can only truly be stopped by better securing the services and clearly showcasing that those who violate a service like this are prosecuted to the full extent of the law regardless of where they are located," Enderle told TechNewsWorld.
Halloween on Facebook?
Apparently some members of Facebook found the offensive images posted in their Facebook News Feeds without their consent or knowledge.
Others reportedly received complaints from friends that their accounts were being used to send requests to click on links to videos, bogus chat messages, or mass messages and tagged photos that mislead those who click.
Some angry members have reportedly terminated their accounts.
It's not presently known exactly how many of Facebook's 800 million members were affected by the attacks. Many users have not observed anything unusual about their news feeds or those of their friends.
Something Old, Something New
Attacks like this have plagued Facebook for years, though most don't reach this size.
"It's the scale of this one that makes it newsworthy," Enderle said. "It appears to be a broad attack on the service likely intended to drive people away from it," he added.
Judging by various reports, it appears that the hackers are using various means of attack.
One appears to be clickjacking -- an attack using hidden buttons or links on a website beneath the real buttons or links to redirect victims when they click.
Another appears to follow on from the hijacking of legitimate user accounts. The attackers then send out malicious links and other content to the friends of the owners of the hijacked accounts in an attempt to get them to click on these poisoned links and content.
Facebook Friends Hurting Friends
Hackers and spammers persist in targeting Facebook and other social networking sites because "social networks are a gold mine for attackers," Mike Geide, senior security researcher at Zscaler ThreatLabZ, told TechNewsWorld.
"With such a large volume of users, spam and malicious content can spread very rapidly," Geide added.
It's not clear whether the attackers were playing an ill-considered prank or had monetary or other motives behind their actions.
"It could be extortion, but Facebook hasn't reported the intent," Enderle stated. "Or this could be kids with too much time on their hands, or an attempt to drive people off Facebook, or even some disgruntled user getting revenge," he added.
Other possible causes are rogue applications "that have quietly collected personal information, or ... a diversion based on something bigger going on," Andrew Brandt, director of Solera Networks' Threat Labs, told TechNewsWorld.
The Art of Facebook Self-Defense
Despite its efforts to secure its systems, Facebook's defenses have been penetrated several times in the past.
Computer researchers at the University of British Columbia reportedly set up and operated their own social botnet on Facebook for eight weeks. They found that eight out of 10 people approved the bot's friend requests, even though they clearly did not know who or what the bot was.
They'll report their findings at the Annual Computer Security Applications Conference, to be held in Orlando, Fla., in December.
"Our advice is to turn on HTTPS for everything and enable strong two-factor authentication," John Salter, chief operating officer at Yubico, told TechNewsWorld.