The heart of tech is coming to the heart of the Mediterranean. Join TNW in València this March 🇪🇸

This article was published on May 12, 2011

Script that gives hackers access to user accounts floods Facebook

Script that gives hackers access to user accounts floods Facebook

A widespread hack spread across Facebook early Thursday morning and shows no signs of abating as of yet. It comes in the form of a script that posts heavily profanity-laden wall posts continuously, instructing you that the only way to remove the posts is to click a ‘Remove This App’ link.

Unfortunately the link is a hoax and allows the malicious script to access your Facebook account. Your account will then continue to spread the script in the form of similarly formatted wall posts on your friends accounts.

The message uses the phrase ‘Vote for Nicole Santos’, leading some to believe that it is a high school prank related to Prom season.

Here is a link to the raw code of the script causing the problems on Facebook. If any of you commenters have any suggestions as to how this might have been injected in the first place please do let us know.

Unsurprisingly many are trying to trace the source back to the ‘Nicole Santos’ that may have originated it, although it’s unclear whether this person would be the originator or just a victim of the hack.

As of now the only solution seems to be not to click on the link or any link requiring that you ‘Verify you account to prevent spam’ as this may be how the hack gains access to your Facebook wall in the first place. Simply block the friend sending it to you as their account is now compromised. Once the problem has been fixed by Facebook you can re-enable them.

A Facebook spokesperson said:

“This spam was spread by a vulnerability in our code and we worked quickly to resolve this matter. The bug caused a small number of spam comments to be posted to users’ walls, and we are in the process of cleaning up any spam it may have caused.”

The spokesperson also confirmed that the bug was in their handling of certain story types that “improperly allowed a specific-category of URLs (javascript: URLs)”, before it pushed out a fix that restricted links of this kind.

We will continue to update you on the hack and it’s effects, check back with this post for more information.