08 September 2010, 11:02
Facebook closes spamming hole
Facebook has closed a vulnerability that spammers were exploiting at the beginning of the week to send out unsolicited spam emails. All Facebook users had to do was click on a link in a message from another user to automatically send spam messages to all of their friends.
The emails claimed, for instance, to concern a lottery at Walmart and contained a link purporting to be from a Facebook app. CNET says that, when the link was clicked on, spammers used a cross-site request forgery (CSRF) hole in the launched Facebook app in order to send out emails without requiring any further intervention by the user.
See also:
- The Facebook dislike button scam, a report from The H.
- Facebook crawler collects more than 170 million data sets, a report from The H.
- Security-conscious users consider quitting Facebook, a report from The H.
(crve)
Print Version | Send by email
| Permalink: http://h-online.com/-1074926
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
