So a trusted friend sends me a link to an Acai berry spam site. This is not typical of this person. I went to her location, and many - not all - of her friend's walls have been posted to with the same ad.
I found various resources about the wall hack, none of them definitive, the most common causes being phishing, games with malware payloads, or possibly the security breaches as far back as '08.
We still have access to her account, this person is Phish-wise, and doesn't not mess with FaceBook games. We were able to change her password, and did so . . . then began deleting the posts from her friends' walls. During this time, 6 more appeared. It wasn't until we walked through the process FaceBook offers, which disables the account, does several verifications, etc., that the wall posts stopped.
Does anyone have any further info on possible causes and prevention of the wall hack, or is just anyone on FB vulnerable to it?