Facebook admitted last Friday, February 15, that its systems were hacked last month by an unidentified hacker group. The attack was sophisticated, but no user data was compromised.
According to Facebook, some employees of the company last month visited a mobile developer’s website that was infected. An employee accidentally installed “malware” on his laptop. The installed malware later led to a “sophisticated attack” via a vulnerability in Oracle’s Java. As soon as Facebook noticed this, the company started looking into the matter and found that no user data was compromised. Facebook has since fixed the infected machines, informed the authorities and initiated an investigation. Facebook wrote in its security blog post:
Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.
When Facebook was asked about the motive or origin of the attack, it declined to comment. But a security expert at another company with knowledge of the matter said he was told that the Facebook attack appeared to have originated in China. In the wake of such an incident, users have been advised to disable Java. If you don’t know how to disable Java in your web browser, you can see that here.