Facebook 'Eliminates' Spam after Coordinated Attack

The social network says it has fixed the cross-site scripting flaw that caused porn and violent images to show up on user profiles.

ZDNet: Facebook says it has made changes which will shut down the clickjacking attack that caused many user profile pages to display porn or violent images. It blamed the problem on a browser flaw that allowed cross-site scripting attacks. The company says that it knows who was behind the attack; other media reports say that the hacktivist group Anonymous did not orchestrate the attack.

Facebook said that "no user data or accounts were compromised during the attack." Security experts say that users can avoid attacks like this by not cutting and pasting code that doesn't appear to be a URL into their browser bars.

Tags: Facebook, clickjacking

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.