In a recent security blog Facebook has revealed that some of its employees were targeted last month in what it describes as a 'sophisticated attack'.
Several Facebook employees laptops were successfully infected by malware emanating from a compromised mobile developers' website.
According to Facebook action was taken as soon as the presence of the infections was revealed following the discovery of a suspicious domain in their corporate DNS logs.
This prompted a companywide search which discovered a handful of infected computers although as far as they can tell no user data was compromised.
Facebook has now informed the authorities and as a result of continuing investigations it is now known that the malware installation was facilitated by a zero day Java exploit on the infected website that enabled the malware installation routine to escape the Java sandbox.
Facebook's security blog message can be read in full here.
