Facebook has now stated it is the latest company to fall victim to a cyber attack, but added that there’s no evidence that the attack affected any of the company’s user data; Facebook revealed the details in a post on its security blog.
The blog post stated that the problems were caused due to a number of its employees checking out an unnamed mobile developer website on their laptops that had become infected with malware. The laptops themselves had malware installed on their PCs after they visited said website. Facebook added:
In this particular instance, we flagged a suspicious domain in our corporate DNS logs and tracked it back to an employee laptop. Upon conducting a forensic examination of that laptop, we identified a malicious file, and then searched company-wide and flagged several other compromised employee laptops.
The infected website used Java to transmit the malware. Facebook said they alerted Java creator Oracle and they have since issued a patch to Java that closes the exploit. This would seem to be just the latest in a string of Java-related security issues that have cropped up in the past several months. Facebook said that it has since “remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.“
Facebook was the victim of a Java exploit, computers were compromised – Neowin.