SAN FRANCISCO – Facebook said Friday its computer system was “targeted in a sophisticated attack” last month, but that it found no evidence any user data was compromised.
The company said in a blog post that malware came from an infected website of a mobile developer and that “we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.”
The attackers used a previously unseen exploit taking advantage of a flaw in Java software made by Oracle, which was alerted to the situation and released a patch the first of February, according to Facebook.
The hackers appeared to be targeting developers and technology firms based on the website they chose to booby-trap with malicious code. “Facebook was not alone in this attack,” the Northern California-based company said.
“It is clear that others were attacked and infiltrated recently as well.” The US intelligence community has concluded that America is the target of a massive cyber-espionage campaign that is threatening its competitiveness, The Washington Post reported just days ago.
Citing unnamed officials, the newspaper said the conclusion is contained in the National Intelligence Estimate, a classified report that represents the consensus view of the US intelligence community.
The document, according to the Post, identifies energy, finance, information technology, aerospace and automotive companies as the most frequent targets of hacking campaigns that appear state sponsored.
Early this month Twitter said it was hammered by a cyber attack similar to those that recently hit major Western news outlets, and that the passwords of about 250,000 users were stolen.
“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” Twitter information security director Bob Lord said in a blog post at the time.
Lord said there was an “uptick in large-scale security attacks aimed at US technology and media companies,” as he told of Twitter detecting attempts this week to get unauthorized access to data in the firm’s network.
The attack coincided with the revelation of several high-profile security breaches. The New York Times and The Wall Street Journal said that they had been hacked, and pointed to attackers from China.
It was unknown whether the cyberattack on San Francisco-based Twitter was related to high-powered hacker assaults on Facebook, the Times or the Journal.
Brazen cyberattacks on America’s most high-profile media outlets revived concerns over Chinese hackers, who analysts say are likely linked to the secretive Beijing government.
The Times and the Journal reported that their computer networks had been compromised, alleging it was an effort by the Chinese government to spy on news media operating in the country.
The administration of President Barack Obama is trying to counter the electronic theft of trade secrets by lodging formal protests, expelling diplomatic personnel, imposing travel and visa restrictions, and complaining to the World Trade Organization, the Post said.