Apple targeted by hackers following Facebook breach

after infecting the laptops of several Facebook employees, it appears that hackers have breached Apple as well - but this time customers could be affected

20 Feb 2013
Apple Macbook Pro Retina

Apple has admitted that its internal network has fallen foul of the same attack that breached social networking giant Facebook, but claims its users are safe.

First spotted by Facebook in January, but only announced as an issue earlier this week following a detailed investigation by the company, the attack used a compromised site aimed at developers making software for Apple's iOS mobile devices to install a 'back-door' in victims' systems. In Facebook's case, those systems were laptops belonging to members of its development team; in Apple's case, it has only been disclosed that "a small number of systems" used by its staff were infected.

The attack against Apple, uncovered by Reuters and confirmed by the company last last night, used a since-patched hole in Oracle's Java software which could be exploited to install third-party software when a user simply visits a website - even in the presence of a fully up-to-date operating system and working anti-virus package.

In both cases, the attack was specifically written to run on Apple's OS X operating system - a platform which is typically considered more secure, or at least less of a tempting target, than its rival Microsoft Windows. The same flaw, however, can be exploited on other operating systems running a vulnerable version of Oracle's Java.

Since the attack was made public by Reuters, Apple has released a patch for its OS X operating system which removes the hole in Java and prevents the infected website - thought to be still actively attempting to exploit visitors' systems - from installing the back-door software. The update is a recommended install for all versions of OS X and OS X Server, with more details available on the Apple Knowledgebase.

Apple has also released a clean-up tool, designed to detect the presence of the same back-door code found on its systems and remove it from customers' computers - an indication, perhaps, that it is concerned as to just how widespread the infection may be.

Read more