The Hacker Way runs both directions: Facebook suffers from a malware attack

Mark Zuckerberg likes to expound on the “Hacker Way” as the ethos of his social networking company, but Facebook recently encountered some hackers of a more unfriendly nature. Facebook revealed on Friday that it was the target of a malicious attack last month. In a blog post, Facebook stated that the threat was contained and that it found no evidence that Facebook user data was compromised.

Here’s an excerpt from the blog post (emphasis Facebook’s):

Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.

We have found no evidence that Facebook user data was compromised.

As part of our ongoing investigation, we are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in the future.

The blog post went on to say that the malware exploited a previously unknown, or “zero day,” vulnerability in its Java sandbox software to plant itself in multiple employees’ PCs. Facebook’s security team traced the attack to a suspicious domain, and then informed Java overlord Oracle, which then provided a patch on Feb. 1 to fix the vulnerability.

Facebook added that it wasn’t the only company targeted the attack, but it was one of the first to identify it. The social network said it is working closely with law enforcement and the other targeted companies, but so far the hacker group hasn’t been identified.

Note that Facebook didn’t say for certain that no user data was stolen. It only said it found no evidence of data being compromised. Nor did Facebook provide any details on what data the hackers had access to. We’ll update this story as we learn more.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

  • Facebook’s IPO filing: ideas and implications
  • Connected world: the consumer technology revolution
  • Social 2013: The enterprise strikes back


GigaOM