Facebook announced on Friday that it had been the target of a series of attacks from an unidentified hacker group, which resulted in the installation of malicious software onto Facebook employee laptops.
“Last month, Facebook security discovered that our systems had been targeted in a sophisticated attack,” the company said in a blog post. “The attack occurred when a handful of employees visited a mobile developer website that was compromised.”
Facebook said that these employees then had malware installed on their laptops as a result of their visiting the website. The hack used what is called a “zero-day Java exploit,” a known vulnerability in Oracle’s software which has gained much attention in recent months. Essentially, anyone visiting a website using this attack who also has Oracle’s Java enabled in their browser was vulnerable. As a result, hackers inserted malware onto the laptops of multiple Facebook employees.
“As soon as we discovered the presence of malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day,” the post read.
In the company’s post, Facebook notes that it had “found no evidence that Facebook user data was compromised.”
Facebook did not say what the hackers did have access to, however, after the installation of said malware.
Facebook’s announcement comes on the heels of a string of recent attacks on other major websites. Twitter, the microblogging social network that hosts more than 200 million active users on its service, announced it had been hacked two weeks ago, and that upward of 250,000 user accounts may have been compromised as a result.
Other targets have included the Washington Post, the New York Times and The Wall Street Journal, all of which have said they believe that the Chinese government was somehow involved in their system infiltration.
But both Facebook and Twitter, in their respective blog posts, made no accusation or direct comparison to the hacks made on the Times, the Journal or the Post.
Facebook declined to comment when asked if the company suspected the Chinese government was involved.
Something to note, however: Facebook directly points to the zero-day exploit, which takes advantage of Oracle’s Java vulnerability, as the root cause of the attack. While Twitter did not detail the exact methods of how its systems were infiltrated, Twitter director of information security Bob Lord reminded users that security experts strongly recommend turning off the problematic Java inside of their browsers.
That could suggest that the two attacks were connected, though neither company says as much outright. But both Facebook and Twitter included language in their posts that their respective companies were part of a larger series of attacks on multiple companies over the past few months.
“Facebook was not alone in the attack. It is clear that others were attacked and infiltrated recently as well,” the company’s post says.
Twitter did not immediately respond to a request for comment.
The string of hacks also come as U.S. President Barack Obama recently released an executive cybersecurity order during his State of the Union address earlier this week, which would better allow government agencies to share information related to cyber-espionage and attacks within the private sector, while avoiding many of the unpopular concessions that the previously proposed CISPA made.
For now, however, Facebook will continue its investigation with law enforcement, as well as pursue its own “informal” cooperative investigation with others in the space.
“As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.”
Tuesday, February 19, 2013
Facebook Hacked, Claims "No Evidence of User Data Compromised" - Mike Isaac - Social - AllThingsD