Facebook is littered with a worm, seemingly the same one under different names, created by randomly generated developers, which is spreading links all over the site.
Applications like S22BZ5 created by randomly assigned pseudonym 'Jackson Lasseter' has nearly 300 people under the grips of the worm. Others, such as replicated application B5DA8G, 9IHJ35 and AU0ZVE have just under 1,000 people inadvertently spreading the worm.
Just in the last 24 hours, I have seen my own friends' list infiltrated by these worm applications which set status messages via the application without the knowledge of the profile owner, through a shortened link service with an infected GIF file.
A quick Facebook search for 'tiny.cc' and 'is.gd', two link shortening services, shows a great deal of worry and concern over
Links seem to run through imgcrave.info and imgpant.info which then direct the user to an ordinary, legitimate website like Google or YouTube. Once this is done, your Facebook will be compromised, though this only seems to work on a Windows machine.
This could however be a complicated 'revenge' attack on this person, considering any hacker or malware writer would surely not be stupid enough to leave their own details on a WHOIS record. This is speculation, however.
Once again, this shows Facebook will allow applications which are not verified, that act in a worm or malware like fashion, and allows individual user privacy to become compromised to anyone who can slap together a simple application.