Facebook Inc said on Friday that hackers had infiltrated some of its employees’ laptops in recent weeks, making the world’s No. 1 social network the latest victim of a wave of cyberattacks, many of which have been traced to China.
The company said that none of its users’ data was compromised in the attack, which occurred after a handful of employees visited a Web site last month that infected their machines with malware, according to a post on Facebook’s official blog released just before the three-day US President’s Day weekend.
“As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement and began a significant investigation that continues to this day,” Facebook said.
It was not immediately clear why Facebook waited until now to announce the incident. Facebook declined to comment on the reason or the origin of the attack.
A security expert at another company with knowledge of the matter said he was told that the Facebook attack appeared to have originated in China.
The attack on Facebook, which says it has more than 1 billion members, underscores the growing threat of cyberattacks aimed at a broad variety of targets.
Twitter, the microblogging social network, said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and e-mail addresses.
Newspaper Web sites, including those of the New York Times, the Washington Post and the Wall Street Journal, have also been infiltrated. Those attacks were attributed by the news organizations to Chinese hackers targeting coverage of China.
Facebook said in its blog post that it was not alone in the attack, and that “others were attacked and infiltrated recently as well,” although it did not specify who.
In its blog post, Facebook described the attack as a “zero-day” attack, considered to be among the most sophisticated and dangerous types of computer hacks. Zero-day attacks, which are rarely discovered or disclosed by their targets, are costly to launch and often suggest government involvement.
While Facebook said that no user data was compromised, the incident could raise consumer concerns about privacy and the vulnerability of personal information stored within the social network.
According to a person familiar with the situation, the type of information on the employee laptops that were compromised included “snippets” of Facebook source code and employee e-mails.
Facebook said it spotted a suspicious file and traced it back to an employee’s laptop. After conducting a forensic examination of the laptop, Facebook said it identified a malicious file, then searched company-wide and identified “several other compromised employee laptops.”
Another person briefed on the matter said that the first Facebook employee had been infected via a Web site where coding strategies were discussed.
The company also said it identified a previously unseen attempt to bypass its built-in cyberdefenses and that new protections were added on Feb. 1.
‘ABUSE OF POWER’: Lee Chun-yi allegedly used a Control Yuan vehicle to transport his dog to a pet grooming salon and take his wife to restaurants, media reports said Control Yuan Secretary-General Lee Chun-yi (李俊俋) resigned on Sunday night, admitting that he had misused a government vehicle, as reported by the media. Control Yuan Vice President Lee Hung-chun (李鴻鈞) yesterday apologized to the public over the issue. The watchdog body would follow up on similar accusations made by the Chinese Nationalist Party (KMT) and would investigate the alleged misuse of government vehicles by three other Control Yuan members: Su Li-chiung (蘇麗瓊), Lin Yu-jung (林郁容) and Wang Jung-chang (王榮璋), Lee Hung-chun said. Lee Chun-yi in a statement apologized for using a Control Yuan vehicle to transport his dog to a
Taiwan yesterday denied Chinese allegations that its military was behind a cyberattack on a technology company in Guangzhou, after city authorities issued warrants for 20 suspects. The Guangzhou Municipal Public Security Bureau earlier yesterday issued warrants for 20 people it identified as members of the Information, Communications and Electronic Force Command (ICEFCOM). The bureau alleged they were behind a May 20 cyberattack targeting the backend system of a self-service facility at the company. “ICEFCOM, under Taiwan’s ruling Democratic Progressive Party, directed the illegal attack,” the warrant says. The bureau placed a bounty of 10,000 yuan (US$1,392) on each of the 20 people named in
The High Court yesterday found a New Taipei City woman guilty of charges related to helping Beijing secure surrender agreements from military service members. Lee Huei-hsin (李慧馨) was sentenced to six years and eight months in prison for breaching the National Security Act (國家安全法), making illegal compacts with government employees and bribery, the court said. The verdict is final. Lee, the manager of a temple in the city’s Lujhou District (蘆洲), was accused of arranging for eight service members to make surrender pledges to the Chinese People’s Liberation Army in exchange for money, the court said. The pledges, which required them to provide identification
INDO-PACIFIC REGION: Royal Navy ships exercise the right of freedom of navigation, including in the Taiwan Strait and South China Sea, the UK’s Tony Radakin told a summit Freedom of navigation in the Indo-Pacific region is as important as it is in the English Channel, British Chief of the Defence Staff Admiral Tony Radakin said at a summit in Singapore on Saturday. The remark came as the British Royal Navy’s flagship aircraft carrier, the HMS Prince of Wales, is on an eight-month deployment to the Indo-Pacific region as head of an international carrier strike group. “Upholding the UN Convention on the Law of the Sea, and with it, the principles of the freedom of navigation, in this part of the world matters to us just as it matters in the
RSS