Facebook Removes Porn Following Spam Attack, Anonymous Not Blamed

Facebook has said that it has removed most of the pornographic and violent images that polluted the social networking site earlier this week, following a spam attack.

A browser vulnerability was blamed by the 800-million member social network, which meant that spammers could tempt users into following links that would populate their timelines with images of pornography and violence.

The BBC reports that Facebook has told the broadcaster that it knows who was responsible for the spamming attack, and that it was not an Anonymous hacktivist - something that had been suggested yesterday.

"The firm is understood to be working with its legal department to take action against the suspected attacked," the BBC said.

Facebook said: "During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to knowingly share this offensive content. No user data or accounts were compromised during this attack."

The social network said that its engineers have shut down malicious pages and build enforcement mechanisms to shut down accounts that attempt to exploit the vulnerability.

Facebook also offered the following advice:

- Never copy and paste unknown code into the address bar

- Always use an up-to-date browser

- Use the report links on Facebook to flag suspicious behaviour or content on friends' accounts.

Chester Wisniewski of security firm Sophos said on the company's blog: "This seems to be a purely malicious act. Facebook has a reputation for maintaining a reasonably family-friendly environment.

"Hopefully whichever browser it is that has the flaw will provide a fix ASAP, but as we know most people are slow to apply updates regardless of which browser they use (expect Chrome)."

Wisniewski added that the attack could probably be used against other websites as well if users could be tricked into pasting the malicious code into their address bar.