" />
Social Media

Just like Twitter, Facebook admits it was a victim of a “sophisticated” zero-day hack in January

Just like Twitter, Facebook admits it was a victim of a “sophisticated” zero-day hack in January

Facebook was the victim of a significant, sophisticated, and hitherto unseen, zero-day hack in January, according to a statement released by the company today.  The company says that the attack was discovered last month when “a handful of employees visited a mobile developer website that was compromised.”

Facebook says that it has found no evidence that users’ data was compromised.

The news comes just two weeks after Twitter admitted that it was also hacked.  Writing on its site at the time Twitter warned that its hack was not an “isolated incident” and that it believed that “other companies and organizations have also been recently similarly attacked.”

The Twitter hack resulted is some users’ user names and salted passwords being released. Anecdotally, Google’s Gmail service has also seen an increase in attempted hacks in the past number of weeks.

Writing on its press site the social network said police and security service have been informed are conducting an ongoing investigation.

“Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day. We have no evidence that Facebook user data was compromised in this attack.”

Facebook says its investigation has tracked down the domain which installed malware on employees’ laptops and conducted a “forensic examination” of the compromised laptops. The malware targeted the laptops’ Java services and was able to bypass some of the devices’ internal security systems.

According to Facebook, Oracle was able to produce a security patch on February 1 (the  day before Twitter reported its hack).

Echoing Twitter’s warning from February 2 Facebook says that it was not the only company to have been attacked;

“Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.”

While there is no confirmation that the Twitter and Facebook hacks are related it is likely the case.  It is also highly worrying that both sites should be targeted by what they both describe as “sophisticated hacks” at the same time.

This leads to the question: will we see more revelations from other social networks soon?

Click to add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Social Media
@pdscott

Piers Dillon-Scott is co-editor of The Sociable and writes about stuff he finds. He likes technology, media, and using the Oxford comma (because it just makes sense).

More in Social Media

Punks at heart: the tech-savvy reinvention of corporate social responsibility

Daniel SanchezSeptember 20, 2017
twitter bots ddos

Twitter bots launch new generation DDoS attack to deny freedom of speech

Zac LavalSeptember 16, 2017
technology Harvey and Irma

How technology brought communities together in a fight against Harvey and Irma

Zac LavalSeptember 15, 2017
youtube stars

How to find success in the multi million dollar industry of YouTube stars

Sam Brake GuiaSeptember 12, 2017
technology related anxiety

How technology has stressed us all out, and how it can help

Nicolas WaddellSeptember 11, 2017
world news

Has technology broken the media? How valuable content can triumph over fake news

Ben AllenSeptember 9, 2017
social platforms

3 Tech platforms that are improving our social lives

Ben AllenAugust 31, 2017
action sports technology

Action sports are continuing to take tech in their own direction

Ben AllenAugust 30, 2017
Integrating startups into Facebook's Monopoly Machine

Integrating startups into the Facebook monopoly

Omar ElorfalyAugust 30, 2017