A year and a half ago Google began supporting the cross domain canonical tag
and some people were concerned there would be ways to abuse the system. Well, even Google was concerned, which is why they waited ten months
to introduce the cross domain version of the canonical tag
I've haven't heard much of people complaining that their site was negatively impacted by the tag.
But now, it seems like hackers who focus on SEO hacking, have been recently targeting vulnerable sites and stealing (or hijacking) their traffic with this tag.
thread has well-known moderator, goodroi, reporting he is seeing hackers exploit this tag now.
It isn't an issue with the canonical tag specifically, but rather hackers gaining access to a server and the site's code and basically redirecting the domain name to a third-party site. goodroi said:
I came across a website with canonical tags setup on all of their pages and they were pointing to a spam site. I suspect someone hacked in and changed the canonical tags to siphon link juice. Now that cross cross-domain canonical tags are supported I would not be surprised if this becomes more common.
The canonical tag is a small line of code that is easy to overlook despite its large implications.
It is so important to stay on top of your security patches and make sure your sites are hacker-free - if there is such a thing. The canonical tag is almost as strong and setting up a 301-redirect from a domain to a different domain. So be careful!