Facebook reassures users after malware warnings

Facebook security chief Max Kelly has assured users in a blog post that the social network is "fighting the good fight" when it comes to several malware attacks recently discovered on the site.

"We spent most of last night working on a fix for a worm, which was targeting people on Facebook and placing messages on walls urging users to view a video that pretends to be hosted on a Google or YouTube website " Kelly wrote.

"Less than .002 percent of people on Facebook have been affected, all of whom we notified and suggested steps to remove the malware," Kelly added.

The worm was first flagged up by security firm Sophos, just days after another one had been identified by Kaspersky Lab.

Kelly said Facebook appreciates the efforts of watchdogs. "If we get a report of a bug or a hole from a user, a security researcher, a reporter, blogger, or anyone, we check it out and fix it as quickly as possible," he wrote.

"In fact, we appreciate it when help comes our way from the many security experts and organisations out there," Kelly stated.

Sophos and other security firms have warned that social networks such as Facebook and MySpace are breeding grounds for security attacks: they have massive user bases, plenty of outside developers working on the sites, and lots of avenues [messages and wall posts, for example] for spreading malware to unwitting users.

Facebook recommended that members follow a few basic security measures: report spam postings, install the proper Mac or Windows software in the event of a malware infection, and never share Facebook passwords.

That last piece of advice will become more difficult for Facebook to recommend as use of Facebook Connect, which lets external sites use Facebook login credentials, grows more commonplace.