Saturday, February 16, 2013

Facebook hacked by zero day Java browser exploit malware



Facebook was hacked. By a drive-by browser exploit. This is bizarre. It should not have happened.

Some Facebook employees visited a mobile developer's website, using their laptops. This resulted in the much publicized "zero day Java exploit" malware being injected into their browsers.

I had warned you, on my Facebook page, about this Java exploit. I told you to disable Java (not Javascript) in your browsers. I posted links that told you how to disable Java in Chrome, Firefox, Safari, and Internet Explorer.

This would protect you from this "drive-by browser exploit". Odd that the Facebook staff would be so unsophisticated.

Was this a BYOD issue? Bring Your Own Device is common practice in companies now. 

Perhaps Facebook failed to make sure the personal laptops of employees, being used at work, had disabled Java on the browsers, and had proper anti-virus software installed. What about the Facebook firewall on their VPN? 

Many questions to ask.

The tech sites were warning us in AUGUST 2012 to disable Java in your browser.

http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/

Homeland Security was telling people to disable Java. The government itself issued a warning. So....why didn't a tech firm like Facebook pay attention and comply?

http://www.theblaze.com/stories/2013/01/14/what-software-is-still-so-flawed-even-the-fed-govt-is-telling-you-to-avoid-using-it/

VentureBeat reports that Facebook decided to disable Java, after discussing the malware attack with Oracle.

http://venturebeat.com/2013/02/15/facebook-hacked/

Facebook claims no user data was affected. Hmmm. But not saying what was attacked.

http://allthingsd.com/20130215/facebook-hacked-claims-no-evidence-of-user-data-compromised/?refcat=news


It just doesn't make any sense.

Why would a giant tech company, with lots of enemies and ruthless competitors, be so negligent or reckless about a potential attack vector? An exploit that was simple to guard against? A malware that was being discussed for several months all over the internet and TV news?

Very strange indeed.



For a more technical explanation of this malware attack see the Ars Technica article here:

http://arstechnica.com/security/2013/02/facebook-computers-compromised-by-zero-day-java-exploit/

http://arstechnica.com/security/2013/02/at-facebook-zero-day-exploits-backdoor-code-bring-war-games-drill-to-life/



Official Facebook statement:

https://www.facebook.com/notes/facebook-security/protecting-people-on-facebook/10151249208250766



No comments: