Facebook Hit By 'Sophisticated' Attack
Facebook on Friday unveiled that it its systems had been targeted in a 'sophisticated' attack last month, adding that there was no evidence that Facebook user data was compromised.
Facebook said the attack occurred when a handful of the company's employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software.
Facebook added that it remediated all infected machines, informed law enforcement, and began an investigation.
As part of Facebook's ongoing investigation, the company is working with its internal engineering teams, with security teams at other companies, and with law enforcement authorities.
Facebook flagged a suspicious domain in its corporate DNS logs and tracked it back to an employee laptop. Upon conducting a forensic examination of that laptop, the company's security team identified a malicious file, and then searched company-wide and flagged several other compromised employee laptops.
The compromised website where the attack originated was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. Facebook has reported the exploit to Oracle, and they provided a patch on February 1, 2013, that addresses this vulnerability.
The attack on Facebook underscores the growing threat of cyber attacks aimed at a broad variety of targets.
Twitter said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.
Newspaper websites, including those of The New York Times, The Washington Post and The Wall Street Journal, have also been infiltrated.
Earlier this week, U.S. President Barack Obama issued an executive order seeking better protection of the country's critical infrastructure from cyber attacks.
In January 2010, Google reported it had been penetrated via a "zero-day" flaw in an older version of the Internet Explorer Web browser.
Facebook added that it remediated all infected machines, informed law enforcement, and began an investigation.
As part of Facebook's ongoing investigation, the company is working with its internal engineering teams, with security teams at other companies, and with law enforcement authorities.
Facebook flagged a suspicious domain in its corporate DNS logs and tracked it back to an employee laptop. Upon conducting a forensic examination of that laptop, the company's security team identified a malicious file, and then searched company-wide and flagged several other compromised employee laptops.
The compromised website where the attack originated was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. Facebook has reported the exploit to Oracle, and they provided a patch on February 1, 2013, that addresses this vulnerability.
The attack on Facebook underscores the growing threat of cyber attacks aimed at a broad variety of targets.
Twitter said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.
Newspaper websites, including those of The New York Times, The Washington Post and The Wall Street Journal, have also been infiltrated.
Earlier this week, U.S. President Barack Obama issued an executive order seeking better protection of the country's critical infrastructure from cyber attacks.
In January 2010, Google reported it had been penetrated via a "zero-day" flaw in an older version of the Internet Explorer Web browser.
