Facebook has successfuly fiexed a bug, that allowed malware to take over accounts. The hoax was basically a post, that urged people to vote for Nicole Santos. It said, that the only way to remove them is to disable them by clicking on a link, which said “remove this app”. By doing that, it allows the malicious code to access your Facebook account and post the hoax to your friends’ pages.
“This spam was spread by a vulnerability in our code and we worked quickly to resolve this matter.” Facebook
“The bug caused a small number of spam comments to be posted to users’ walls, and we are in the process of cleaning up any spam it may have caused.” Facebook
The vulnerability basically was to allow people to post malicious code in comments and they were treated as URLs. The company is removing the posts from users’ pages, but the malware continues to spread when people click on the links.
The Facebook hoax has already taken on a life all its own. “Nicole Santos” was a trending topic on Twitter and a bunch of anti-Nicole Santos Facebook pages were created. Someone began selling a “Vote for Nicole Santos” shirt on e-commerce site Etsy. And a comedian created a rap music video called “You Just Got Hacked: A Nicole Santos Musical Parody.”
I think, this post clearly shows, how people can be manipulated by anything that is spread across facebook. If it would have been a more serious thread, a lot of user could have been hacked, by just clicking on links stupidly.