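The malware was then installed on these employees' laptops. The hacker group exploited a so-called "Java zero-day vulnerability", a well-known flaw in Oracle software that has drawn considerable attention in recent months.
Basically, users who visit a compromised website with Java enabled in their browser are the most exposed to attack. As a result, the hackers planted malware on the laptops of several Facebook employees. Facebook said: "Once the malware was discovered, we immediately worked to remediate all affected computers, notified law enforcement, and began a significant investigation that continues to this day."
Facebook noted that it "has found no evidence that Facebook user data was compromised," but did not disclose what information the hackers obtained.
Other major websites have also suffered a series of attacks recently. Twitter announced that it was attacked two weeks ago, and that as a result more than 250,000 user accounts may have been compromised. Other targets included the websites of The Washington Post, The New York Times and The Wall Street Journal.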
...And Facebook Got Hacked, Too
Seems you can't turn around without hearing of another big company having its shirt pulled over its head by hackers. The New York Times and the Wall Street Journal both got exploited by Chinese hackers recently, and a Michigan television station put out a zombie-related Emergency Alert message in a clever, though probably momentarily distressing, hack. Just this morning, UBM announced that its website enterpriseefficiency.com was taken down due to a full-scale denial-of-service attack on its networks.
And now Facebook has announced that some of its machines were infected. An announcement on the company's Newsroom blog – posted in the bad-news graveyard of Friday afternoon leading into a long weekend – revealed that the social networking site was targeted by a "sophisticated attack" last month.
When a handful of Facebook employees visited a compromised mobile developer website, a hosted exploit snuck malware onto their devices. Thanks to antivirus software, Facebook discovered the attack and "remediated" the machines – which we can only hope means they were fantastically destroyed (though probably they were just wiped and restored).
After alerting law enforcement, Facebook says it launched a "significant investigation" that's still underway. The company also claims that no user data was compromised in the attack. Facebook offered a more detailed explanation on its security blog, excerpted below:
After analyzing the compromised website where the attack originated, we found it was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability.
Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.