CONFERENCE Watch Now: Threat Detection & Incident Response (TDIR) Summit - Watch Event On-Demand
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Facebook Network Hit by ‘Sophisticated’ Attack

SAN FRANCISCO – Facebook said Friday its computer system was “targeted in a sophisticated attack” last month, but that it found no evidence any user data was compromised.

SAN FRANCISCO – Facebook said Friday its computer system was “targeted in a sophisticated attack” last month, but that it found no evidence any user data was compromised.

The company said in a blog post that malware came from an infected website of a mobile developer and that “we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.”

The attackers used a previously unseen exploit taking advantage of a flaw in Java software made by Oracle, which was alerted to the situation and released a patch the first of February, according to Facebook.

The hackers appeared to be targeting developers and technology firms based on the website they chose to booby-trap with malicious code. “Facebook was not alone in this attack,” the Northern California-based company said.

“It is clear that others were attacked and infiltrated recently as well.” The US intelligence community has concluded that America is the target of a massive cyber-espionage campaign that is threatening its competitiveness, The Washington Post reported just days ago.

Citing unnamed officials, the newspaper said the conclusion is contained in the National Intelligence Estimate, a classified report that represents the consensus view of the US intelligence community.

The document, according to the Post, identifies energy, finance, information technology, aerospace and automotive companies as the most frequent targets of hacking campaigns that appear state sponsored.

Early this month Twitter said it was hammered by a cyber attack similar to those that recently hit major Western news outlets, and that the passwords of about 250,000 users were stolen.

Advertisement. Scroll to continue reading.

“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Twitter information security director Bob Lord said in a blog post at the time.

Lord said there was an “uptick in large-scale security attacks aimed at US technology and media companies,” as he told of Twitter detecting attempts this week to get unauthorized access to data in the firm’s network.

The attack coincided with the revelation of several high-profile security breaches. The New York Times and The Wall Street Journal said that they had been hacked, and pointed to attackers from China.

It was unknown whether the cyberattack on San Francisco-based Twitter was related to high-powered hacker assaults on Facebook, the Times or the Journal.

Brazen cyberattacks on America’s most high-profile media outlets revived concerns over Chinese hackers, who analysts say are likely linked to the secretive Beijing government.

The Times and the Journal reported that their computer networks had been compromised, alleging it was an effort by the Chinese government to spy on news media operating in the country.

The administration of President Barack Obama is trying to counter the electronic theft of trade secrets by lodging formal protests, expelling diplomatic personnel, imposing travel and visa restrictions, and complaining to the World Trade Organization, the Post said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.