One of the major social networking giant, Facebook said it was the target of hackers but fortunately no user information was compromised during the attack.
“Last month, Facebook security discovered that our systems had been targeted in a sophisticated attack,” the company said in a blog post posted on Friday afternoon, just before the three-day Presidents Day weekend.
“The attack occurred when a handful of employees visited a mobile developer website that was compromised.”
But now the company has fixed the infected machines, and an investigation is under way. The social network, which says it has more than one billion active users worldwide, also said: “Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well.”
While Facebook said no user data was compromised, the incident could raise consumer concerns about privacy and the vulnerability of personal information stored within the social network.
Facebook has made several privacy missteps over the years because of the way it handled user data and it settled a privacy investigation with federal regulators in 2011.
Facebook said it spotted a suspicious file and traced it back to an employee’s laptop. After conducting a forensic examination of the laptop, Facebook said it identified a malicious file, then searched company-wide and identified “several other compromised employee laptops.”
In its statement, Facebook said the attack was launched using a “zero-day,” or previously unknown flaw in its software that exploited its Java built-in protections.
“Zero-day” attacks are rarely discovered and even more rarely disclosed. They are costly to launch and often suggest government sponsorship.
“We are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in future.” the company said.
In January 2010, Google reported it had been penetrated via a “zero-day” flaw in an older version of the Internet Explorer Web browser. The attackers were seeking source code and were also interested in Chinese dissidents, and Google reduced its operations in the country as a result.
Latest posts by Mohit Arora (see all)
- What You May Not Know About MD5 Hash Generator 2? - February 19, 2017
- Revive Old Post Plugin Review: Share Old Blog Posts on Social Sites - January 9, 2017
- LSI Keywords – What Are They & Tools To Find Them - December 23, 2016