The web development company behind the compromise of Facebook employees' laptops has apologised for the inconvenience and said that security is a top priority.
In a blog post, iPhoneDevSDK administrator Ian Sefferman said that it was alerted to the fact that its site was "part of an elaborate and sophisticated attack whose victims included large internet companies" and prior to media attention, it had no knowledge of the breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach.
SC Magazine Australia reported that AllThingsD had named the responsible site as iPhoneDevSDK and while Facebook had not confirmed it was to blame, the website was previously down for maintenance. For a time, it displayed a malware warning message within the Chrome browser that said the page contains content from min.liveanalytics.org, a known malware distributor. “Visiting this page now is very likely to infect your computer with malware,” it said.
Facebook wrote in a blog last week that the compromised website hosted an exploit that then allowed malware to be installed on the employee laptops. "The laptops were fully patched and running up-to-date anti-virus software,” it said.
“We're still trying to determine the exploit's exact timeline and details, but it appears as though it was ended (by the hacker) on 30thJanuary 2013.”
He concluded by saying that he was very sorry for the inconvenience, and thanked Vanilla Forums for its help in the matter and Facebook after it reached out to them.