Thousands of Facebook users are reporting an influx of spam on their walls containing images of violence, pornography, animal abuse, and even death. The images are said to appear on users' timelines without their knowledge, and are visible only to their friends and not to the user themselves, making them impossible to remove. Facebook has confirmed to ZDNet that the issue exists, and that its teams are working to uncover the source of the problem, but as yet is unsure what's causing the exploit. Rumors that Anonymous is behind the attacks appear to be unfounded, with the group not claiming responsibility.
Despite the lack of certainty from Facebook itself, it seems likely that the spam is caused by the now all-too-familiar clickjacking apps that have plagued the platform for years. The apps function on a promise — Like the page to reveal the latest celebrity mishap, or see the moment a dictator was captured — which lures people in without thinking about what permissions they might be providing and to whom. The writers of these applications can then abuse these privileges to advertise, gather data on users, and spread like any other malware through a computer system. This isn't the first time we've seen Facebook's security called into question, and it seems unlikely that it'll be the last.