11 Comments

spammedtrest
Summary:

Now that social curation site Pinterest has become the hot-new social thing, with loads of traffic and highly addicted community, it seems to be time for spammers to take advantage of its traffic and intense virality. Earlier this evening the company came under a spam attack.

UpdateNow that social curation site Pinterest has become the hot-new social thing, with loads of traffic and highly addicted community, it seems to be time for spammers to take advantage of its traffic and intense virality.

Earlier this evening, some kind of spam-exploit injected  javascript code that started replacing many Pinterest photos with ads for Best Buy. (see photo.) The actions resulted in disgruntled users blaming Pinterest. A recent study claimed that Pinterest was referring more traffic on the web.

Pinterest is now driving more referral traffic on the web than Google+, YouTube, Reddit, and LinkedIn — combined. That’s according to Shareaholic’s January 2012 referral trafficreport, which is based on aggregated data from more than 200,000 publishers that reach more than 260 million unique monthly visitors each month.

In the era of social, what is amazing is how quickly the spam attacks can spread and have an impact. I sincerely hope Pinterest has brought this under control. I for one, am rooting for that hot little company.

Update: Pinterest co-founder/CEO Ben Silbermann emailed with this statement: “We had an opportunity to identify the problem and put in a fix a couple hours after a user reported it to us. We are keeping a close eye on it this weekend.”

You’re subscribed! If you like, you can update your settings

  1. Until this article, I had not heard of this Pinterest. Penalties for this type of abuse need to be much more severe.

  2. It didn’t replace pictures. It added pictures without your consent. It also liked posts and started following people without your consent. You can undo all that by deleting, but it seems fairly insecure.

  3. That “hot little company” Pinterest, is harming photographers and their businesses through Terms of Service that allow the company to use images, without payment to photographers…. Most users don’t even know it.

    1. That is not an accurate statement.

  4. the internet is slowly dying

  5. Very unfortunate and unfortunately all too common. It was probably a cross site scripting (xss) attack. These attacks are very difficult to prevent and many big websites including Nytimes.com and Symantec.com have been hit by xss exploits and man-in-the-middle attacks.

  6. Benton Bailey Sunday, March 18, 2012

    With its rapid growth, this type of abuse is not surprising to me.

    http://www.iPinterest.com

  7. TylerMadeAFunny Sunday, March 18, 2012
  8. indhulsheena Sunday, March 18, 2012

    Reblogged this on indhulsheena.

  9. This is not spam, this is another way to buy traffic guide. Dilan.

  10. This attack was a persistent cross-site scripting attack using an unsanitized iframe in the description textarea. The iframe loaded Javascript from an overseas site and posted back like+follow to Pinterest. It also hid the ‘report this pin’ and ‘edit’ buttons from the UI.

    I happened to be on Pinterest at the time and captured data, screenshots, and the exploit code.

Comments have been disabled for this post