CNet: The latest security fiasco on Facebook’s application platform may involve business pages rather than personal accounts: Sendible, a company that makes software for businesses to manage accounts and presences on various social-media services, looked like it was hit by a virus or hacker on Tuesday afternoon: TechCrunch pointed out that Sendible-managed brand pages on Facebook appeared to be posting malicious links.
Now Sendible’s claiming it wasn’t their fault. “Just to clarify, Sendible was not hacked,” the company posted to its Twitter account. “One of our users has discovered a major flaw in Facebook’s security.” Sendible’s Twitter account then quoted the user in question, who said, “i wanted to post only on a few Facebook walls as a fan – and for some reason, posted as the page Owner. weird,” and Sendible added “This appears to be a bug in Facebook’s API as the posts should have been displayed as the user profile and not the page owner.”
The malicious links, which read “Change Your Facebook Background Here!”, were showing up on brand pages as major as Coca-Cola, Google, and “South Park.”
One Facebook page administrator wrote on Twitter that the sketchy link-posting appeared to be automated and that it attempted to post multiple times. The details don’t completely add up, with the situation certainly looking like a hack of Sendible but with the company itself indicating that the problem is on Facebook’s end.
Facebook did not immediately respond to a request for comment.