Social network site, Facebook has said that it has 'eliminated most of porn image spam attack, which forced most users to deactivate their accounts last week.A statement from Facebook said that it has rid its site of most of the pornographic and violent images posted as part of a spam attack.The social network blamed a browser vulnerability and said that it was improving its systems to defend itself against similar attacks in the future.Thousands of the website's 800 million users have complained about the pictures over recent days.The firm is understood to be working with its legal department to take action against the suspected attacker.Facebook said that the spam attack worked via a 'self-XSS vulnerability in the browser' adding that 'During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content.Facebook however said that 'no user data or accounts were compromised during this attack' saying that its engineers had built enforcement mechanisms to shut down malicious pages and accounts that attempt to exploit the vulnerability.While offering some useful advice to help guard against further attacks, it warned users against coping and pasting unknown code into the address bar saying that users should always use an up-to-date browser.He urged users to use the report links on Facebook to flag suspicious behaviour or content on friends' accounts.Facebook allows children above the age of 13 to be members, and polices a ban against inappropriate images.However, security experts said that it was difficult for the firm to respond to this threat, bearing in mind it exploited vulnerability in an unnamed web browser rather than the site itself.They also said that the attack was very unusual because most other scams on the social network are designed to deliver a financial payout.'This seems to be a purely malicious act. Facebook has a reputation for maintaining a reasonably family-friendly environment,' wrote Chester Wisniewski, a senior security advisor at Sophos, on his company's blog.'Hopefully whichever browser it is that has the flaw will provide a fix ASAP, but as we know most people are slow to apply updates regardless of which browser they use (except Chrome).''The flaw being exploited could likely be used against other sites as well if users can be tricked into pasting malicious javascript into the browser.'Some Facebook users said that they deactivated their accounts after seeing horrific images on the siteThe pictures are reported to have shown up in users' newsfeeds.According to the technology site, ZDnet, the material is being spread via a 'linkspam virus' which tempts members to click on a seemingly innocuous story link.Thousands of the site's members have posted comments about the breach on Twitter.'Discovered a new porn site, it's called Facebook,' wrote one user.'Facebook should do something about the photoshopped porn images, it's offensive,' wrote another.Other users complained they had seen pictures of mutilated animals and people, in some cases adding that they had deactivated their accounts as a consequence.Several people are linking the attack to the Anonymous hacktivist group after a video appeared on YouTube threatening to 'kill' the social network.However, experts have questioned whether the video was authentic.The Internet security firm Sophos senior technology consultant, Graham Cluely, said that it was not clear how the offending content was spread, but added that the website could face long term consequences.'It's precisely this kind of problem which is likely to drive people away from the site,' he wrote in a company blog.The social network requires its members to be at least 13 years old to sign onto the service. Experts said that the firm may need to issue warnings if the pictures have been seen by its youngest users.
Click here to read full news..
