Just like Twitter, Facebook admits it was a victim of a “sophisticated” zero-day hack in January
Facebook was the victim of a significant, sophisticated, and hitherto unseen, zero-day hack in January, according to a statement released by the company today. The company says that the attack was discovered last month when “a handful of employees visited a mobile developer website that was compromised.”
Facebook says that it has found no evidence that users’ data was compromised.
The news comes just two weeks after Twitter admitted that it was also hacked. Writing on its site at the time Twitter warned that its hack was not an “isolated incident” and that it believed that “other companies and organizations have also been recently similarly attacked.”
The Twitter hack resulted is some users’ user names and salted passwords being released. Anecdotally, Google’s Gmail service has also seen an increase in attempted hacks in the past number of weeks.
Writing on its press site the social network said police and security service have been informed are conducting an ongoing investigation.
“Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day. We have no evidence that Facebook user data was compromised in this attack.”
Facebook says its investigation has tracked down the domain which installed malware on employees’ laptops and conducted a “forensic examination” of the compromised laptops. The malware targeted the laptops’ Java services and was able to bypass some of the devices’ internal security systems.
According to Facebook, Oracle was able to produce a security patch on February 1 (the day before Twitter reported its hack).
Echoing Twitter’s warning from February 2 Facebook says that it was not the only company to have been attacked;
“Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.”
While there is no confirmation that the Twitter and Facebook hacks are related it is likely the case. It is also highly worrying that both sites should be targeted by what they both describe as “sophisticated hacks” at the same time.
This leads to the question: will we see more revelations from other social networks soon?