Facebook Hit in ‘Sophisticated’ Attack

Facebook Hit in ‘Sophisticated’ Attack

Facebook has revealed it was targeted by hackers last month, but says user data was not compromised.

The social media network says its safety systems were targeted in a ‘sophisticated’ attack when a handful of workers visited a mobile developer website.

The compromised internet site hosted an exploit which then allowed malware to be installed onto the employee laptops.

A spokesman from Facebook said: “The laptops had been fully-patched and running up-to-date anti-virus computer software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement and began a important investigation that continues to this day.”

User Data Compromised?

The US-firm said it has no proof that suggests Facebook user information was compromised in the attack.

It stated it invests heavily in stopping, detecting and responding to threats that target its infrastructure as it is frequently targeted by hackers wanting to disrupt or access its information.

Facebook is now functioning closely with internal engineering teams, security teams at other firms, and with law enforcement authorities, in a bid to understand everything about the attack, and to appear at how it can prevent similar incidents in the future.

Program Vulnerability

Soon after analyzing the compromised web site where the attack originated, Facebook found the internet site was making use of a previously unseen ‘zero-day’ exploit to bypass the constructed-in protections from Java sandbox, permitting it to install the malware onto the laptops.

Facebook said it flagged a suspicious domain in its corporate DNS logs and soon tracked it back to an employee laptop.

Upon conducting a ‘forensic examination’ of that laptop, it identified a malicious file, so subsequently carried out a company-wide system search and as a result, flagged many other compromised employee laptops.

Are Hackers Taking More than?

Facebook stated it was not alone in the attack and investigations into the breach are continuing,

“We instantly took steps to commence sharing specifics about the infiltration with the other organizations and entities that had been impacted,” a Facebook spokesman added.

“We strategy to continue collaborating on this incident by way of an informal working group and other means.”

As reported by TechBeat earlier this month, social media giant Twitter was a victim of an internet security attack.

It was believed info from 250,000 customers of the micro-blogging site could have been compromised by hackers. The New York Instances and Wall Street Journal also reported breaches of their systems.

[Image through arstechnica]

TechBeat

Category: