Facebook said Friday its computer system was "targeted in a sophisticated attack" last month, but that it found no evidence any user data was compromised.
The company said in a blog post that malware came from an infected website from a mobile developer and that "we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."
The attackers used a previously unseen exploit taking advantage of a flaw in Java software made by Oracle, which was alerted to the situation and released a patch the first of February, according to Facebook.
The hackers appeared to be targeting developers and technology firms based on the website they chose to booby-trap with malicious code.
"Facebook was not alone in this attack," the Northern California-based company said.
"It is clear that others were attacked and infiltrated recently as well."