Seems you can’t turn around without hearing of another big company having its shirt pulled over its head by hackers. The New York Times and the Wall Street Journal both got exploited by Chinese hackers recently, and a Michigan television station put out a zombie-related Emergency Alert message in a clever, though probably momentarily distressing, hack. Just this morning, UBM announced that its website enterpriseefficiency.com was taken down due to a full-scale denial-of-service attack on its networks.
And now Facebook has announced that some of its machines were infected. An announcement on the company’s Newsroom blog – posted in the bad-news graveyard of Friday afternoon leading into a long weekend – revealed that the social networking site was targeted by a “sophisticated attack” last month.
When a handful of Facebook employees visited a compromised mobile developer website, a hosted exploit snuck malware onto their devices. Thanks to antivirus software, Facebook discovered the attack and “remediated” the machines – by which we can only hope means they were fantastically destroyed(though probably they were just wiped and restored).
After alerting law enforcement, Facebook says it launched a “significant investigation” that’s still underway. The company also claims that no user data was compromised in the attack. Facebok offered a more detailed explanation on its security blog, excerpted below:
After analyzing the compromised website where the attack originated, we found it was using a “zero-day” (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability.
Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.