Facebook identifies those behind coordinated spam attack

Facebook says it knows who is behind the coordinated spam attack resulting in links, videos, and images depicting pornography, acts of violence, self-mutilation, and bestiality on the site.
Written by Emil Protalinski, Contributor

Over the last few days, Facebook users have been experiencing a flood of links, videos, and images depicting pornography, acts of violence, self-mutilation, and bestiality. Facebook confirmed the NSFW problem yesterday morning and then in the afternoon revealed it was hit by a coordinated spam attack leveraging a browser vulnerability. Today, the social networking giant has acknowledged it knows who orchestrated the whole thing and has eliminated most of the spam on its service.

"In addition to the engineering teams that build tools to block spam we also have a dedicated enforcement team that has already identified those responsible and is working with our legal team to ensure appropriate consequences follow," a Facebook spokesperson said in a statement. He refused to disclose their identities or to discuss what exactly the social networking giant has in store for the individuals.

Three months ago, Spam King Sanford Wallace surrendered to the FBI after being indicted by a federal grand jury in San Jose for spamming Facebook. It took over two years, but Facebook eventually put him in his place. Let's hope the company manages to do the same to those behind this attack.

Some have blamed the hacktivist group Anonymous, which was rumored to be planning to take down the social network on November 5. Three months ago, the larger collective group made a point to say it did not support such a takedown operation and in the end it did not take place: the service has remained operational all month.

Facebook is still up and running, but it was exploited in a coordinated way. There is no proof that Anonymous was behind the flood of inappropriate content (normally such an attack would result in confirmation from Anonymous, in some shape or form), but it only takes a few members or ex-members to pull something like this off.

During the attack, some members of the social network saw violent and/or pornographic pictures show up in their News Feeds without their knowledge that they have allegedly Liked. Others were told by their friends that they were sending requests to click on links to videos, sending out bogus chat messages, or writing mass messages and tagged photos leading people to believe they are in the link. If you were affected by this, please see Facebook virus or account hacked? Here's how to fix it.

According to the company, this spam attack all started with users being tricked into pasting and executing malicious JavaScript in their browser's URL bar. This resulted in them unknowingly sharing the offensive content. Palo Alto says it has been shutting down the malicious Pages and accounts that attempt to exploit this flaw and has been giving users guidance on how to protect themselves. Overall, the company claims it has managed to drastically reduce the rate of the attack, but wouldn't share actual numbers.

Users are unsurprisingly outraged, and as is typical with Facebook members, many are already threatening to close their accounts. I personally have not seen any such Facebook activity on my own profile, and neither have my friends. Still, although the service's users complain about a lot of small things, this is not one of them.

In addition to the identities of the perpetrators, Facebook is not sharing other details. We still don't know about the browser vulnerability: how it works exactly and which versions of which browsers are affected. It's also not known how many of the site's 800 million active users were affected or how much inappropriate content was shared. In fact, Facebook has been careful not to divulge too much about the attack, especially not numbers.

See also:

Editorial standards