Explicit and violent images have flooded the newsfeeds of many Facebook users in the last 24 hours or so.
The content, which includes explicit hardcore porn images, photoshopped photos of celebrities such as Justin Bieber in sexual situations, pictures of extreme violence and even a photograph of an abused dog, have been distributed via the site – seemingly without the knowledge of users.
Some Facebook users vented their annoyance on Twitter, with some claiming they would deactivate their Facebook accounts as a result:
One commenter to Naked Security, rxladyblue, told us:
I just viewed a gay pornography pic that was on the news feed under her name. She could not see the pic but all of her friends could see it.
Another Facebook user, ralahinn1, said:
One of my friend's accounts was compromised and messages containing a video were sent. My daughter's boyfriend had something posted on his wall that he couldn't see on his computer, but my daughter could see on his wall from hers.
It isn’t presently clear precisely how the offending content has been spread – whether users are falling for a clickjacking scheme, are being tagged in content without their knowledge, have poorly chosen privacy settings, have been tricked into installing malicious code, or have fallen victim to another vulnerability inside Facebook itself.
What’s clear, however, is that mischief-makers are upsetting many Facebook users and making the social networking site far from a family-friendly place.
Reporters at Gawker have speculated that hackers associated with Anonymous may be responsible for the attack, but that is unconfirmed.
So, it seems highly offensive spam content has successfully spread via Facebook for 24 hours or more. It’s precisely this kind of problem which is likely to drive people away from the site. Facebook needs to get a handle on this problem quickly, and prevent it from happening on such a scale again.
Of course, this incident raises another important question. Many firms may be comfortable allowing users to access sites such as Facebook, but what happens when hardcore pornographic and offensive content is being spread. Should companies block access to sites hosting offensive content?
[polldaddy poll=”5671295″]
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 140,000 people regularly share information on threats and discuss the latest security news.
Update: In September 2011, Naked Security published a story about a widespread warning that had been spread between Facebook users warning of pornographic movies appearing on Facebook users’ walls – visible to the user’s friends, but not to the user themselves. At the time we found no evidence of this occurring, and so considered the story likely to be a hoax. In light of the most recent incident described below, it seems sensible to retract that advice. We would like to apologise for any confusion or inconvenience caused – this issue has been very complicated to investigate, and we continue to look into it.
Update 2: Facebook has released a statement concerning the spread of this scam and a related browser vulnerability.