The website behind the attack on Facebook has been identified, AllThingsD reports.
Facebook announced on the weekend that a staff machine had been compromised after visiting a website, now thought to be iPhoneDevSdk, via a then unpatched Java exploit.
“The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops," Facebook wrote in a blog.
"The laptops were fully patched and running up-to-date anti-virus software."
While Facebook has not confirmed that iPhoneDevSdk was responsible for the attack, the website is currently offline "undergoing maintenance".
The site owners told AllThingsD it was investigating the claims.
Cached records of iPhoneDevSdk held by Internet archive site The Way Back Machine on 15 January indicate the site was compromised.
It generates a malware warning message within the Chrome browser which said the page contains content from min.liveanalytics.org, a known malware distributor.
"Visiting this page now is very likely to infect your computer with malware."
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=271&w=480&c=1&s=1)
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
