Facebook said that it is investigating a rash of unsolicited graphic images that hit some users' accounts this week. The images, Internet links and videos depicting pornography and violence have hit some people's Facebook news feeds in recent days. "We experienced a coordinated spam attack that exploited a browser vulnerability," Facebook spokesman said in a statement. "Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible."
Facebook does not know yet who was behind the attack and a motive was not clear. Facebook users were tricked into pasting and executing "malicious" javascript in their browser URL bar, which led to them unknowingly sharing the content. Facebook engineers have been working to reduce this browser vulnerability. Facebook and other "Web 2.0" sites are easy targets for such attacks because they pull in a lot of content from outside sources, according to Paul Ferguson, senior threat researcher at Trend Micro Inc.
"It seems every other day there is some new Facebook 'threat,' but this is just the new reality of Web 2.0 and social networking," Ferguson said. "It is 'low-hanging fruit' for criminals.