Facebook and FBI Jointly Investigate Malicious Online Assault
Facebook Inc., which runs a social network of an unmatched size with over 1bn members, has engaged to investigate one malicious attack in collaboration with USA's FBI; published Bloomberg.com dated February 16, 2013.
In a posting online, Facebook, on 15th February 2013, stated that an advanced hacker assault hit the social site during January 2013, however, there was reportedly no theft or leakage of user-data.
Officials at Facebook didn't name the particular malicious program, which the attackers loaded onto several laptops they compromised, although stated that when employees accessed one mobile developer online site their systems became infected because the site harbored a Java exploit. Actually, accessing the site, made it possible for the exploit to abuse one 0-day security flaw within Java which managed in evading the computer application's sandbox that in turn facilitated the malware's loading. Facebook stated that its researchers informed Oracle about the flaw so the latter issued a patch on February 1, 2013 for the Java vulnerability.
Meanwhile, according to Faebook's security team, it works uninterrupted for tracing down cyber-attacks while also supervising its infrastructures for possible assaults. As for the current incident, the team labeled one dodgy domain within its company Domain Name System logs followed with tracing its origin to a staff member's laptop. When that laptop was examined the security team detected one malicious file prompting an investigation across the company thus spotting many other hijacked staff laptops, the team explained. Threatpost.com published this dated February 15, 2013.
Facebook cautions that the attack didn't just target it rather others were hacked into too although those other entities' names weren't specified.
Director of Research, Rob Kraus for Solutionary Security Engineering Research Team stated that it surely wasn't astonishing that Facebook got hacked; after all, the social network had the most enormous cache of user database as well as sensitive information worldwide. Softpedia reported this on February 16, 2013.
Furthermore, according to Kraus, it was necessary that Facebook emulated The New York Times' example so it'd tell which anti-virus software was being utilized on the contaminated employee laptops thus helping the vendors and all other stakeholders adopt suitable measures.
Related article: Facebook - a Concern for Companies
» SPAMfighter News - 20-02-2013