The world’s biggest social networking site, Facebook, was hacked last month in what has been described as a ‘sophisticated attack’. Fortunately, however, it appears that no user data has been compromised.
The attack came about in January after some of its developers visited a mobile developer’s website that had already been compromised by a Java exploit.
“Facebook, like every significant internet service, is frequently targeted by those who want to disrupt or access our data and infrastructure.”
Facebook laptops, that were fully patched, then became infected with malware via the Java zero day which was not patched by Oracle until February the 1st.
“As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.”
The Facebook security team realised that they had been hacked when a suspicious domain in their DNS logs was flagged. Their investigations tracked that back to an employee laptop which contained a malicious file and a company-wide search then led to the discovery that other machines had also been compromised.
According to Facebook they were not the only target of this attack –
“Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected.”
Whilst the timing of this attack ties in with other high profile cases against media sites, such as The New York Times, their is no word on who was responsible at this time, though I’m sure Chinese hackers have not been ruled out.
Facebook ended their statement with a reminder about their bug bounty program for anyone who submits details of security vulnerabilities that attack their services.