It was reported by users in Europe yesterday that they couldn’t access Facebook. Not one to let an opportunity pass, a member of Anonymous called @AnonymousOwn3r posted via his Twitter that he had hacked Facebook using a cross-site request forgery vulnerability. The same user is known for claiming to hack GoDaddy in September.
I will stop the #attack to facebook , soon you guys can acess— Anonymous Own3r (@AnonymousOwn3r) October 11, 2012
The evidence posted on Pastebin has been deemed as false, with Facebook themselves saying that they were aware of the service disruption on the European continent.
There has not been a hack of Facebook, we have investigated these claims and they are not valid. The evidence cited was produced by an automated vulnerability scanner that alerts developers of potential vulnerability, and we have found these all to be false alerts. We expect Anonymous just like we expect any other attack on any other day. Due to our size, we face the same threats as seen everywhere else on the web, but we have developed partnerships, backend systems, and protocols to confront the full range of security challenges we face. Facebook has always been committed to protecting our users’ information, and we will continue to innovate and work tirelessly to defend this data.
Downwhere.com, a site that monitors website availability listed Facebook as 'moderate' in Denmark, France and Norway and 'severe’ in Italy. Facebook has said that is was a result of a change to its DNS:
Earlier today we made a change to DNS as part of a traffic optimization test, and that change resulted in some users being temporarily mis-routed. We detected and resolved the issue immediately, but a small number of users located primarily in Western Europe experienced issues accessing the site while the DNS addresses repopulated. We are now back to 100 percent, and we apologize for any inconvenience.
There is still speculation on Twitter that Facebook are glossing over a security breach, with one user almost demanding Facebook to admit they were indeed hacked.
We hope this isn’t the case, but in the event that it turns out to be a security breach, it would do no harm to review your password(s) in the meantime and monitor any linked accounts to the social networking giant.
Source and Image: VentureBeat