The website behind the attack on Facebook has been identified, AllThingsD reports.
Facebook announced on the weekend that a staff machine had been compromised after visiting a website, now thought to be iPhoneDevSdk, via a then unpatched Java exploit.
“The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops," Facebook wrote in a blog.
"The laptops were fully patched and running up-to-date anti-virus software."
While Facebook has not confirmed that iPhoneDevSdk was responsible for the attack, the website is currently offline "undergoing maintenance".
The site owners told AllThingsD it was investigating the claims.
Cached records of iPhoneDevSdk held by Internet archive site The Way Back Machine on 15 January indicate the site was compromised.
It generates a malware warning message within the Chrome browser which said the page contains content from min.liveanalytics.org, a known malware distributor.
"Visiting this page now is very likely to infect your computer with malware."
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
