Sign in with
Sign up | Sign in

Apple Joins Facebook on ''Recently Hacked'' List

By - Source: Reuters | B 15 comments

Apple also fell victim to the Java exploit previously suffered by Facebook employees.

After Facebook came forward last week and admitted that it had been hacked through a zero-day exploit in Java, Apple also admitted this week that it too was recently attacked. The company said that like Facebook's engineers, its own Macintosh-based employees visited a website for software developers that was laced with the same malware, only modified for Mac OS X.

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers," the iPhone maker stated. "The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple."

Apple acknowledged that other companies outside Facebook and Apple have been attacked by the same malicious software, and that it is working closely with law enforcement officials to determine the source. Meanwhile, Reuters reports that a person "briefed on the investigation" said that hundreds of companies, including defense contractors, have been infected with the same malware.

According to the report, this was the biggest cyber attack to date on businesses running Mac computers. Typically hackers focus on the Windows platform because (1) it has a larger base of users (2) a good chunk are still running on Windows XP (3) many users tend to neglect their updates. But hackers have increased their focus on the Mac platform more so over the last few years than ever before because of Apple's market share gain on Microsoft.

"This is the first really big attack on Macs," said the source. "Apple has more on its hands than the attack on itself."

Despite many reports covering the topic, Apple and Facebook have not pointed the finger on China – that was The Wall Street Journal and The New York Times. However cyber-security specialist Mandiant actually blamed the Chinese government in a report released on Monday, offering evidence that leads back to China’s 2nd Bureau of the People’s Liberation Army General Staff Department’s 3rd Department. Naturally Beijing has denied the claims.

According to the report, the attacks have been underway since 2006, stealing hundreds of terabytes of data from at least 141 organizations, 115 of which reside within the United States. Twenty different industrial sectors have been targeted, the report said, spanning from energy and aerospace to transportation and financial institutions.

Even more, the security firm claims to have tracked down the hackers to a 12-story office building in Shanghai. "Once [Unit 61398] has established access [to a target network], they periodically revisit the victim's network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists from victim organizations' leadership," the report claims.

Following Mandiant's disclosure, White House spokesman Jay Carney told reporters that the Obama administration has "repeatedly raised our concerns at the highest levels about cyber theft with senior Chinese officials including in the military and we will continue to do so."

Regardless of who is behind the hacks, Apple said on Tuesday that it plans to release an updated Java malware removal tool that will check Mac systems and remove the pesky malware, if detected.

 

Contact Us for News Tips, Corrections and Feedback

Discuss
Display all 15 comments.
This thread is closed for comments
  • 1 Hide
    sliem , February 20, 2013 3:50 PM
    Things were much simpler when Java was just a coffee.
    Same goes to Apple (and Blackberry and Xbox "eggs-box").
  • 9 Hide
    internetlad , February 20, 2013 3:53 PM
    This is clearly a story falsified by the microsoft propoganda machine. Everybody knows macs don't get viruses, and therefore are immune to hacking.
  • 4 Hide
    bloodymaze , February 20, 2013 3:58 PM
    internetladThis is clearly a story falsified by the microsoft propoganda machine. Everybody knows macs don't get viruses, and therefore are immune to hacking.


    WHAT! No way macs can't be hacked! You should know bette.... oh wait...

    http://www.macworld.com/article/1132733/hack.html

    :-O
  • 9 Hide
    alvine , February 20, 2013 3:59 PM
    Macs can get hacked too? Whaaaattt but they are so revolutionary and what not /sarcasm /popcorn
  • 2 Hide
    ddpruitt , February 20, 2013 4:05 PM
    I'm curious as to what developer site had this malware.

    Devs are up there when it comes to computer skills so I'm curious as to how it got by them for so long.
  • 2 Hide
    alvine , February 20, 2013 4:07 PM
    I know its Java exploit...just let me hate on apple ok?
  • 5 Hide
    JamesSneed , February 20, 2013 4:13 PM
    Moral to the story, don't eat Apples and drink Java or you will get worms. /s

    Makes one wonder what Antivirus suite Apple runs or do they believe their own hype.
  • 4 Hide
    house70 , February 20, 2013 4:43 PM
    internetladThis is clearly a story falsified by the microsoft propoganda machine. Everybody knows macs don't get viruses, and therefore are immune to hacking.

    LOL.

    Sarcasm aside, there is a reason why MACs are the first ones to bite the dust at every white-hat conference. Only fools would claim their OS is impenetrable, it's been a while since Apple was claiming "want security? Do nothing!" approach, and with popularity comes a price: attention from hackers.
  • 4 Hide
    Marcus52 , February 20, 2013 5:06 PM
    I wish Java would die.

    You know what royally POs me about Java (other than its security issues)? That their freakin installer puts on a search engine modification unless you uncheck it. That's just total, crooked, crap! It's not a big issue for me of course, but anyone who maintains a computer for their grandpa who can't remember to uncheck it when it updates knows what a freakin hassle it is. His browser gets modified, he gets confused, and I have to deal with it. Gee thanks Oracle.
  • 0 Hide
    Robi_g , February 20, 2013 7:09 PM
    why are there always so many posts on apple articles?
  • -2 Hide
    robochump , February 20, 2013 7:43 PM
    Robi_gwhy are there always so many posts on apple articles?


    Only time iHaters can congregate. I still think its a few people with multiple accounts just to bash Apple related articles...lol.

    In related news Apple already pushed a JAVA patch to fix this problem.
  • 0 Hide
    robochump , February 20, 2013 7:48 PM
    Marcus52I wish Java would die.You know what royally POs me about Java (other than its security issues)? That their freakin installer puts on a search engine modification unless you uncheck it. That's just total, crooked, crap!


    I would agree but anything else that becomes as popular as JAVA will be attacked as well. Adobe Air is nice but if it catches on then we will see constant Air updates and exploits. Problem is with hackers and those that support them.
  • 1 Hide
    rubberjohnson , February 20, 2013 9:49 PM
    robochumpOnly time iHaters can congregate. I still think its a few people with multiple accounts just to bash Apple related articles...lol.In related news Apple already pushed a JAVA patch to fix this problem.


    But there are more comments on the AMD Radeon post even though it's a newer story...lol

    My question is why fanboys like yourself need to step in and defend your favourite crumbling empire? It's ok iZombie, another company will come along and sell you an overpriced gadget.
  • 0 Hide
    Darkk , February 20, 2013 11:42 PM
    Java is a cross computing OS platform so long as it exist nobody is safe.
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter