Facebook announced on Friday that it had been a target of a series of sophisticated attacks that resulted in malicious software being installed on certain employee laptops. The incident occurred when a handful of employees visited a mobile developer website that had been compromised.
The discovery was made by Facebook security last month but the social networking site in its blog post was quick to point out emphatically though that "we have found no evidence that Facebook user data was compromised."
The hack was made using a previously unknown ‘zero-day Java exploit’ in Oracle’s software that has been wreaking havoc on normal users as well as major companies all across the world. Users visiting the website with Java enabled on their browsers are vulnerable to this attack.
“As soon as we discovered the presence of malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day,” the post went on to explain.
Facebook says your information is safe
Facebook Chief Security Officer Joe Sullivan said that Facebook’s internal security team worked with a third party to ‘sinkhole’ the attackers’ command server taking over the network traffic coming into it from systems infected by its malware. They discovered traffic coming from several other companies. Facebook duly notified those companies of the attack and has also informed law enforcement.
The investigation is currently being conducted, but it was revealed that while some companies knew about this attack, some were unaware before Facebook stepped in.
According to an Ars Technica report, while Facebook has not given any real detail about when specifically the attack took place, it is being said that it happened almost at the same time as the websites of The New York Times, The Wall Street Journal and Twitter were being attacked.
Earlier this month Twitter owned up to the fact that 250,000 user accounts on its site may have been hacked and their account information compromised. Twitter wrote in its blog that it detected ‘unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data.’ The company had claimed that it managed to detect and shut down a live attack within moments but its investigation had indicated that the attackers may have found limited user information.
Twitter wrote that the hackers could have had access to usernames, email addresses, session tokens and encrypted/salted versions of passwords for approximately 250,000 users. As a precautionary measure, Twitter sent out emails to these users letting them know that the site had reset their passwords and revoked security tokens for their accounts. All these users had to create new passwords to access their accounts.
Suspiciously enough, as the Twitter news came out a day after intermittent outrage disrupted its services, the news about Facebook being hacked too comes one day after the website went down for a short period of time, apparently for ‘maintenance work’.
At around 9:30 AM IST on February 15, users from across the world started reporting seeing a message as they tried to log in to Facebook that informed them that the site was down. The message read, "Facebook Will Be Back Soon Facebook is down for required maintenance right now, but you should be able to get back on within a few minutes. In the meantime, read more about why you're seeing this message. Thanks for your patience as we improve the site."
