Jump to content
Login new information ×
Login new information

Facebook was hacked, computers were compromised

nsane.forums

By nsane.forums
in Security & Privacy News

Recommended Posts

nsane.forums

nsane.forums

Posted
Posted

Facebook has admitted today that a number of its employees had their laptops infected with malware due to a "zero day" Java exploit. Facebook says the company's user data was not affected.

dZQ4F0T.jpg

Facebook has now stated it is the latest company to fall victim to a cyber attack, but added that there's no evidence that the attack affected any of the company's user data; Facebook revealed the details in a post on its security blog.

The blog post stated that the problems were caused due to a number of its employees checking out an unnamed mobile developer website on their laptops that had become infected with malware. The laptops themselves had malware installed on their PCs after they visited said website. Facebook added:

In this particular instance, we flagged a suspicious domain in our corporate DNS logs and tracked it back to an employee laptop. Upon conducting a forensic examination of that laptop, we identified a malicious file, and then searched company-wide and flagged several other compromised employee laptops.

The infected website used Java to transmit the malware. Facebook said they alerted Java creator Oracle and they have since issued a patch to Java that closes the exploit. This would seem to be just the latest in a string of Java-related security issues that have cropped up in the past several months. Facebook said that it has since "remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."

view.gifView: Original Article

Link to comment
Share on other sites
  • Replies 13
  • Views 2.7k
  • Created
  • Last Reply
xpmule

xpmule

Posted
Posted

it had nothing to do with updating their software.

it was a 0day (unknown publicly) exploit..

and once AGAIN it was targeted at people who have teh Java browser plugin installed and enabled.

it happens because it happens.. hackers gonna hack lol

i decided long ago i don't need it anymore and don't have any Java installed on my machine.

Link to comment
Share on other sites
dcs18

dcs18

Posted
Posted

I don't see how this makes for a breaking news - every time somebody on Planet Earth decides to take a leak, lo behold FaceBook is hacked!!!

BTW, it's a pity - they didn't bust it . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . permanently.

Link to comment
Share on other sites
ASIO

ASIO

Posted
Posted

I don't see how this makes for a breaking news - every time somebody on Planet Earth decides to take a leak, lo behold FaceBook is hacked!!!

BTW, it's a pity - they didn't bust it . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . permanently.

lol

Link to comment
Share on other sites
babelpatcher

babelpatcher

Posted
Posted

that happens when people don't upgrade their softwares.

it had nothing to do with updating their software.

it was a 0day (unknown publicly) exploit..

and once AGAIN it was targeted at people who have teh Java browser plugin installed and enabled.

it happens because it happens.. hackers gonna hack lol

i decided long ago i don't need it anymore and don't have any Java installed on my machine.

i can do all my pc work without using java :D

i never need java :D

Link to comment
Share on other sites
xpmule

xpmule

Posted
Posted

yeah they should take Facebook outr forever.. no one really needs that dumb crap !

i go ocasionaly to check in with family but i hate going there and avoid it as much as i can.

and in case people don;t know you can get an alterantive version of Java to use..

its portable or something like that. that way it avoids your browser for security reasons..

Link to comment
Share on other sites
chlorophyll

chlorophyll

Posted
Posted

i want FB totally FKCD UP..i dont lik IT

Link to comment
Share on other sites
Dodel

Dodel

Posted
Posted

What do you think the developers of these exploits will do, just shrivel up and die ?..

Removing Java isn't the solution and never will be. I agree Java does have too many exploitable holes, but so does the majority of other software & hardware in day to day use.

If you wish to stay totally secure, stay offline OR educate yourself on, how to be secure online, even the basics.

People need to stop bashing Java, see that it's still in active development and has regular updates. It wouldn't surprise me if half the actual exploits used, stem from the "toolbar addon" which is deployed with every Java update, naughty Oracle.

I'm not shouting from my ivory tower saying that I'm right, but it's naive to think that if everyone stopped using Java and the apps associated with it (Minecraft for one example), that the developers of these exploits will just stop, no they would simply move onto the next bit of software used daily, so do we then stop using that too ?.

Regards

Dodel.

Link to comment
Share on other sites
  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted

What do you think the developers of these exploits will do, just shrivel up and die ?..

Removing Java isn't the solution and never will be. I agree Java does have too many exploitable holes, but so does the majority of other software & hardware in day to day use.

If you wish to stay totally secure, stay offline OR educate yourself on, how to be secure online, even the basics.

People need to stop bashing Java, see that it's still in active development and has regular updates. It wouldn't surprise me if half the actual exploits used, stem from the "toolbar addon" which is deployed with every Java update, naughty Oracle.

I'm not shouting from my ivory tower saying that I'm right, but it's naive to think that if everyone stopped using Java and the apps associated with it (Minecraft for one example), that the developers of these exploits will just stop, no they would simply move onto the next bit of software used daily, so do we then stop using that too ?.

Regards

Dodel.

It's true that hackers just need softwares to target, however, everything, just everything under Oracle is getting sh*ttier day by day. In the Sun days, things were quite good, more security in mind, more seriousness for the products and services.

One, Oracle should go through and re-check all the Java code. May it take months or year, just do it. And two, devs should switch away from Java. Years ago I had tried Java, and it was bad. Fundamentally, in my opinion, Java coding isn't the best, and it's softwares are generally slower than others.

Link to comment
Share on other sites
keyman

keyman

Posted
Posted

What do you think the developers of these exploits will do, just shrivel up and die ?..

Removing Java isn't the solution and never will be. I agree Java does have too many exploitable holes, but so does the majority of other software & hardware in day to day use.

If you wish to stay totally secure, stay offline OR educate yourself on, how to be secure online, even the basics.

People need to stop bashing Java, see that it's still in active development and has regular updates. It wouldn't surprise me if half the actual exploits used, stem from the "toolbar addon" which is deployed with every Java update, naughty Oracle.

I'm not shouting from my ivory tower saying that I'm right, but it's naive to think that if everyone stopped using Java and the apps associated with it (Minecraft for one example), that the developers of these exploits will just stop, no they would simply move onto the next bit of software used daily, so do we then stop using that too ?.

Regards

Dodel.

+ 1

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...