In association with heise online

08 September 2010, 11:02

Facebook closes spamming hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Facebook Logo Facebook has closed a vulnerability that spammers were exploiting at the beginning of the week to send out unsolicited spam emails. All Facebook users had to do was click on a link in a message from another user to automatically send spam messages to all of their friends.

The emails claimed, for instance, to concern a lottery at Walmart and contained a link purporting to be from a Facebook app. CNET says that, when the link was clicked on, spammers used a cross-site request forgery (CSRF) hole in the launched Facebook app in order to send out emails without requiring any further intervention by the user.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit