Facebook has identified the source of a hack that subjected thousands of users to graphic photographs of violence and pornography on Tuesday.

Although Facebook has not made the identification public, the company has revealed that they are working with their legal team to ensure that all the appropriate consequences follow.

Meanwhile, Facebook engineers have been working hard to eliminate as much of the spam as possible. They have built tools to block the virus that exploited many of the company's Web browsers.

The spam attack worked via a self-XSS vulnerability in the browser, Facebook told the BBC. During this attack, users were tricked into pasting and executing malicious javascript in their browser URL bar causing them to unknowingly share this offensive content. No user data or accounts were compromised during this attack.

On Tuesday, thousands of Facebook users posted status updates and tweeted about images of self- mutilation, sexual intercourse, bestiality and extreme violence from across the world. I am going to be off Facebook until this latest vile & disgusting virus/worm issue (& its sick pictures) is eradicated, Twitter user Blcamp wrote in a post. Some users have even threatened to close their accounts completely until the issue is solved.

This seems to be a purely malicious act. Facebook has a reputation for maintaining a reasonably family friendly environment and most Facebook users don't expect dead dogs and penises showing up on their wall, said Chester Wisniewski, a senior security advisor at Sophos. 

Although malicious accounts have been quarantined Facebook have urged their users to be careful, offering the following tips:

-Don't ever copy and paste code into your browser's address bar unless you're confident the source is legit.

-Make sure your browser is up to date.

-Report anything weird that you see on Facebook using the report links throughout the social network

For those who suspect that malware has already gotten a hold of their Facebook account; there are three simple steps to attempt to make your account secure again:

-Change your password. This can be done by visiting your account settings. Be sure to use a strong password with a mix of numbers, symbols, capital and lowercase letters and no dictionary words if possible.

-While you're in your settings, remove any unwanted Facebook apps. This could be the culprit, or the malware could have installed an app without your knowledge.

-Run a virus and malware scan on your entire system.