Share this article on:
A security breach could be to blame for yesterday’s (6 March) Meta outage that logged users out of Facebook and Instagram.
Despite the company announcing there was no evidence malicious activity led to yesterday’s outage, Meta has since told media that there was a security breach at the time.
“We’re working on it. There was a breach of security earlier. Please visit our status page for updates,” Meta told CyberNews.
There is currently no further information regarding the nature of the security breach, and the company’s statement that put a “technical issue” as the cause could still be the case.
Cyber Daily has reached out to Meta for additional information regarding the security breach; however, it is likely and appropriate that the company keeps any security details to itself.
While Meta blamed the attack on a technical issue rather than a cyber attack, a number of threat groups have claimed responsibility for the attack.
As seen by cyber intelligence firm CyberInt, the outage has also been claimed by a trio of threat actors working in tandem – SkyNet, Godzilla, and Anonymous Sudan.
The latter posted a DownDetector screenshot to its Telegram, claiming that the outage was the work of the three groups.
“Facebook downed by Skynet/Godzilla/InfraShutDown,” it wrote, with the third name referring to its brand new DDoS-as-a-service operation, which the group is pushing and advertising heavily on Telegram.
However, the posts show no actual proof that a cyber attack was the cause of the outage.
Additionally, researchers at @vxunderground on X have addressed the concerns, saying they assume it is purely a DNS fault.
There are rumors of a DDoS attack against social media giant Meta (formerly Facebook). We don’t know if it’s true. However, as is tradition, we just assume it to be a DNS issue.
— vx-underground (@vxunderground) March 5, 2024
Cheers
It is also worth noting that the threat groups claiming responsibility are distributed denial-of-service (DDoS) actors, and the security breach referenced by Meta would not be required to launch a DDoS attack.
Additionally, threat actors often claim responsibility for things they aren’t behind, particularly when it involves large, iconic companies like Meta, in an effort to build reputation.