Facebook says its engineers’ computers were hacked – last month

facebook hackedA handful of Facebook engineers were reportedly victims of a Java-based zero-day hack that riddled the computers in question with malware last month. Fortunately, Facebook figured out the existence of the malware before any further damage was done. But while the incident was reported a month ago, Facebook’s security team just got around to publishing a follow up blog post about the attack. Rest assured the social networks says it “found no evidence that Facebook user data was compromised.”

This zero-day exploit, meaning that this malware was never seen before, was discovered when Facebook “flagged a suspicious domain in [Facebook’s] corporate DNS logs and tracked it back to an employee laptop.” Facebook’s Chief Security Officer, Joe Sullivan, tells Ars Technica that the malware was piggybacking on the HTML of a compromised popular mobile developer Web forum and it could infect both Mac and Windows computers.

Anyone visiting the original site would have contracted the malware, which seemed to be the case since Facebook wasn’t the only victim. Facebook, however, hasn’t divulged what other companies have been affected.

According to Facebook, there wasn’t much that could have been done to protect the laptops other than not having visited the infected site in the first place. “The laptops were fully-patched and running up-to-date anti-virus software.” Since the exploit was a zero-day attack in the first place, anti-virus software wouldn’t have been able to detect and protect infected computers. The vulnerability in Java that unknowingly left the door open for this type of malware has since been patched by Oracle on February 1.

Companies with infected computers were notified of the malware, and Facebook is currently working with law enforcement to track down the culprit.

Our personal data may not have been stolen, but Facebook reports that the malware looked like it was peeking into what the social network was working on. So whatever information the affected Facebooks engineers had or accessed on their computers, including code, corporate data, and emails, was stolen.

Java has been on the receiving end of criticism recently. Just last week, another zero-day Java exploit was discovered, although by then it was too late and the attack was already running “arbitrary code” on infected systems. These aren’t the first string of attacks on Java and definitely not the end. And the realization about Java’s many vulnerabilities that are waiting to be discovered will no doubt motivate copycat hackers. To steer clear of possibly compromising your system, you can disable Java on your browser altogether – and that’s a recommendation straight from the U.S. Department of Homeland Security.

Mobile

5G phones make a lot of promises. Here’s what to really expect

There has been a lot of marketing copy expounding the potential benefits of 5G networks, but a lot less on the practical implications of 5G smartphones. There's a reason for that.
Product Review

At $180, you won’t care about the TicWatch S2’s utilitarian looks

The Mobvoi TicWatch S2 is not the best-looking smartwatch you’ll strap on your wrist, but it may be the toughest, and it’ll almost certainly be the cheapest. We’ve been wearing it to see what it’s like.
Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Gaming

‘Fortnite’ security flaw let hackers spy on players through microphones

A security vulnerability found in Fortnite allowed hackers to gain access to other players' accounts, potentially letting them spy on conversations using the in-game microphone. It has been addressed.
Social Media

A quick swipe will soon let you keep bingeing YouTube on mobile devices

The YouTube mobile app has a new, faster way to browse: Swiping. Once the update rolls out, users can swipe to go to the next (or previous) video in the recommended list, even while viewing in full screen.
Photography

Starting your very own vlog? Here are the best cameras to buy

Any camera that shoots video can be used to vlog, but a few models stand out from the crowd thanks to superior image quality, ergonomics, and usability. When it comes to putting your life on YouTube, here are the best cameras for the job.
Social Media

Twitter extends its new timeline feature to Android users

Twitter users with an Android device can now quickly switch between an algorithm-generated timeline and one that shows the most recent tweets first. The new feature landed for iPhone users last month.
Social Media

YouTube to crack down on dangerous stunts like the ‘Bird Box’ challenge

YouTube already bans content showing dangerous activities, but new rules published by the site go into greater detail regarding potentially harmful challenges and pranks, including certain blindfold- or laundry detergent-based stunts.
Social Media

Nearly 75 percent of U.S. users don’t realize Facebook tracks their interests

Did you know Facebook tracks your interests, including political and multicultural affiliations? According to a recent Pew study, 74 percent of adult users in the U.S. have no idea Facebook keeps a running list of your interests.
Mobile

It’s back! Here’s how to switch to Twitter’s reverse chronological feed

Twitter has finally brought back the reverse chronological feed, allowing you to see your feed based on the newest tweets, rather than using Twitter's algorithm that shows what it thinks you want to see. It's easy to switch.
Social Media

Nearly a million Facebook users followed these fake Russian accounts

Facebook purged two separate groups behind more than 500 fake accounts with Russian ties. One group had ties to Russian news agency Sputnik, while the other had behavior similar to the Internet Research Agency's midterm actions.
Social Media

Twitter suffers privacy scare as bug reveals tweets of protected accounts

If you set your Twitter account to private and you have an Android device, you'd better check your settings now. Twitter says it's just fixed a four-year-old bug that flipped the privacy switch to make the account public.
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Social Media

Spice up your Instagram videos by adding your top tunes to the soundtrack

Have you ever taken a beautiful video, only to have it ruined by some jerk in the background yelling curse words? Here's a list of apps you can use to add your own music to Instagram posts as well as your Story.