Saturday, 16 February 2013

Facebook Hacked, AGAIN!!

FacebookHacked_newsmate
Facebook has now stated it is the latest company to fall victim to another cyber attack by an unidentified hacker group, but added that there’s no evidence that the attack affected any of the company’s user data; Facebook revealed the details in a post on its security blog.
“Last month, Facebook security discovered that our systems had been targeted in a sophisticated attack,” the company said in a blog post posted on Friday afternoon, just before the three-day Presidents Day weekend. “The attack occurred when a handful of employees visited a mobile developer website that was compromised.”
The Social Network, which says it has more than one billion active users worldwide, also said: “Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well.”
However, Facebook declined to comment on the motive or origin of the attack.
The Blog post stated that the problems were caused due to a number of its employees checking out an unnamed mobile developer website on their laptops that had become infected with malware. The laptops themselves had malware installed on their PCs after they visited said website. Facebook added:
 “In this particular instance, we flagged a suspicious domain in our corporate DNS logs and tracked it back to an employee laptop. Upon conducting a forensic examination of that laptop, we identified a malicious file, and then searched company-wide and flagged several other compromised employee laptops.”
Facebook’s announcement follows recent cyber attacks on other prominent websites. Twitter, the microblogging social network, said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.
Newspaper websites, including those of The New York Times (NYT.N), The Washington Post and The Wall Street Journal, have also been infiltrated. Those attacks were attributed by the news organizations to Chinese hackers targeting coverage of China.
In its statement, Facebook said the attack was launched using a “zero-day,” or previously unknown flaw in its software that exploited its Java built-in protections.
“Zero-day” attacks are rarely discovered and even more rarely disclosed. They are costly to launch and often suggest government sponsorship.
In January 2010, Google reported it had been penetrated via a “zero-day” flaw in an older version of the Internet Explorer Web browser. The attackers were seeking source code and were also interested in Chinese dissidents, and Google reduced its operations in the country as a result.
Attention to cyber security has ratcheted up since then and this week President Barack Obama issued an executive order seeking higher safety standards for critical infrastructure.
Other companies stand to benefit more from comprehensive legislation, which has stalled in Congress. Republicans have opposed additional regulations that would come with mandatory security standards.
What ever the technical flaws, Facebook ’ s security reputation is under serious scrutiny here. Seems like with the recent cyber attacks being successful on the world’s most famous social network giant, Facebook may soon lose its popular stature of the ‘unhackable, highly secure’ tag running among the internet. Looks like it is indeed as they say, Nothing is safe, or it seems so unless provided with more secure ways to these “Zero day” attacks. Hope this works as a Wake up call to not only Facebook but also other websites to enhance their security! what do u think?

0 comments: