Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.
We have found no evidence that Facebook user data was compromised.
— Protecting People On Facebook by Facebook Security on Saturday, February 16, 2013 at 2:59am
Facebook’s announcement follows recent cyber attacks on other prominent websites. Twitter, the microblogging social network, said earlier this month it had been hacked and that about 250,000 user accounts were potentially compromised, with attackers gaining access to information, including user names and email addresses.
Team had searched the particular malicious file on all the systems present in the office and it was found out that several computers were affected by it. Facebook reported the malware to Oracle, which makes the Java software that the attackers were able to bypass to infect the employees’ laptops. Oracle has issued a new version of Java that it says fixes the vulnerabilities
Facebook did not reveal where the attack was from, but a security expert at another company with knowledge of the matter said he was told that the Facebook attack appeared to have originated in China.