Apple Hacked By Hackers Who Hacked Facebook And Twitter
Apple has confirmed to Reuters that hackers infected Macs used by Apple employees. The hackers were the same hackers who used the same exploit to attack Facebook last month and Twitter on Feb. 1.
Apple Inc. has confirmed to Reuters that Macintosh computers used by Apple employees were hacked when the employees visited a software developer's site that had been infected with malware that was created and put there to attack Mac computers. What's alarming is that the same software that infected Apple's computers by exploiting a Java flaw was used in an attack on Facebook last month and Twitter on Feb. 1. Twitter revealed it had been hacked on Feb. 1 using the same method hackers used with Facebook and Apple. Twitter believed hackers could have accessed information on about 250,000 users.
When Facebook reported last Friday that it had been the target of a sophisticated attack, Facebook claimed that it believed there was no evidence Facebook user data was compromised in any way.
Apple also confirmed to Reuters that it did not believe any of its data had been compromised:
"An Apple spokesman declined to specify how many companies had been breached in the campaign targeting Macs, saying he could not elaborate further on the statement it provided."
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," the statement said.
"We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple," it continued.
Apple told Reuters that it plans to release a software tool on Tuesday that users can run to identify and repair Macs that have been infected with the malware used in the attacks.
New reports by The Next Web claim that the site visited by Apple employees is actually an iPhone developer community forum site called "iPhoneDevSDK."
Don't even try to visit the site, as it is believed the site is still infected with the same malware that was used to infect Apple employees' Macs. As of this writing, Apple has released a Java security patch for Mac OS X users.