Apple hit by same hackers that targeted Facebook

Cyber attack

Apple hit by same hackers that targeted Facebook

Warwick Ashford

Apple said its computer systems have been breached by the same attackers that targeted Facebook.

But the company said only a few computers were affected and there was no evidence of data theft.

Last week, Facebook revealed that its systems had been attacked in January after a few employees visited a mobile developer site that was compromised.

The compromised website hosted an exploit, which then allowed malware to be installed on these employees' laptops, according to a blog post.

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” the company said in a statement.

Facebook’s initial investigations revealed that the attack used a zero-day exploit to bypass the Java sandbox to install the malware. The Java vulnerability was patched by Oracle on 1 February.

The latest attack shows criminal hackers are investing more time in studying the Mac OS X operating system so they can attack Apple computers

Apple said the malware was spread through a website for software developers and was used in an attack against Apple and other companies, which some reports said include Twitter as well as Facebook.

In early February, Twitter reset the passwords of 250,000 accounts after detecting and shutting down a hacker attack.

Apple has taken measures to protect customers from vulnerabilities in Java and will release a software update to protect against the malicious software used in the attack, according to the BBC.

"Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days," the company said.

"To protect Mac users that have Java installed, we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."

Apple is working with law enforcement agencies to find the source of the malware.

Security firm F-Secure said the attackers might have been trying to access the code for apps on smartphones, seeking a way to infect millions of users.

The company urged developers to check their source code for unintended changes, according to the Guardian.

Other security researchers said the latest attack shows criminal hackers are investing more time in studying the Mac OS X operating system so they can attack Apple computers, the paper said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy