Facebook in Germany said the latest attack tricked users into pasting and executing malicious JavaScript in their browser URL bar, exploiting a browser vulnerability that caused them to unknowingly share the content, according to a statement to news agency dapd.
"Our team responded quickly and we have eliminated most of the spam caused by this attack," the statement said. "We are now working to improve our systems to better defend against similar attacks in the future."
According to Facebook, no user data or accounts were compromised during the attack.
Facebook said it built enforcement mechanisms to quickly shut down the malicious pages and accounts that attempt to exploit the vulnerability.
"Protecting the people who use Facebook from spam and malicious content is a top priority for us," Facebook said.
Meantime, Facebook warned users to never cut and paste unknown code into a browser's address bar, and to always use an up-to-date browser, as well as to flag and report any suspicious content.
