" />
Social Media

Just like Twitter, Facebook admits it was a victim of a “sophisticated” zero-day hack in January

Just like Twitter, Facebook admits it was a victim of a “sophisticated” zero-day hack in January
piers.scott@sociable.co'

Facebook was the victim of a significant, sophisticated, and hitherto unseen, zero-day hack in January, according to a statement released by the company today.  The company says that the attack was discovered last month when “a handful of employees visited a mobile developer website that was compromised.”

Facebook says that it has found no evidence that users’ data was compromised.

The news comes just two weeks after Twitter admitted that it was also hacked.  Writing on its site at the time Twitter warned that its hack was not an “isolated incident” and that it believed that “other companies and organizations have also been recently similarly attacked.”

The Twitter hack resulted is some users’ user names and salted passwords being released. Anecdotally, Google’s Gmail service has also seen an increase in attempted hacks in the past number of weeks.

Writing on its press site the social network said police and security service have been informed are conducting an ongoing investigation.

“Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day. We have no evidence that Facebook user data was compromised in this attack.”

Facebook says its investigation has tracked down the domain which installed malware on employees’ laptops and conducted a “forensic examination” of the compromised laptops. The malware targeted the laptops’ Java services and was able to bypass some of the devices’ internal security systems.

According to Facebook, Oracle was able to produce a security patch on February 1 (the  day before Twitter reported its hack).

Echoing Twitter’s warning from February 2 Facebook says that it was not the only company to have been attacked;

“Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.”

While there is no confirmation that the Twitter and Facebook hacks are related it is likely the case.  It is also highly worrying that both sites should be targeted by what they both describe as “sophisticated hacks” at the same time.

This leads to the question: will we see more revelations from other social networks soon?

Click to add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Social Media
piers.scott@sociable.co'
@pdscott

Piers Dillon-Scott is co-editor of The Sociable and writes about stuff he finds. He likes technology, media, and using the Oxford comma (because it just makes sense).

More in Social Media

south sudan

South Sudan: How 1 Facebook post may have sparked 26K exodus to Uganda

Tim HinchliffeJuly 23, 2016
blocking whatsapp

What’s up with blocking WhatsApp? Information control in Brazil, Turkey & Zimbabwe

Tim HinchliffeJuly 19, 2016
turkey coup

Turkey coup: to control social media is to influence the outcome

Tim HinchliffeJuly 16, 2016
social experiment

Israeli social experiment: 1.2K Likes for Jewish ‘terrorist threat’, Arab summoned by police

Tim HinchliffeJuly 14, 2016
Social Hangout

Sup’s new social hangout works like a friend radar for meeting face-to-face

Oliver GriffinJuly 8, 2016
Web Hosting

5 Secure web hosting hacks for scaling successful social media campaigns

Guest ContributorJuly 6, 2016
social networking

Snupps is a virtual social networking shelf of everything you love

Tim HinchliffeJuly 5, 2016
SEO Rankings

The evolution of SEO rankings through social media

Guest ContributorJune 16, 2016
Social Media Meltdowns

8 social media meltdown lessons from Santa Fe Comic Con

Guest ContributorJune 14, 2016