In a statement released yestreday, Apple has disclosed that a number of their employees’ Macs have been compromised by malware through a vulnerability in the Java plug-in for browsers.
The website that was infected and considered responsible for hosing the malware has been identified as ‘iPhoneDevSDK’, an online forum for software developers. Apple has since released Java updates for OS X, including a malware removal tool. The company also says that ”there was no evidence that any data left Apple,” and that user data appears to be safe.
What’s interesting about this attack is where it might be coming from. Apple mentioned in their statement that the malware was also used to attack other companies. While they did not specifically mention Facebook, AllThingsD have surfaced that it was (is) the same China-based attackers.
This attack is also quite notable not only in that it was another big company like Apple under attack, but that it was the “highest-profile cyber attacks to date on businesses running Mac computers.” Hackers have traditionally focused on attacking computers running Windows, but times are changing. And if there’s one thing I can say for sure, it’s that nobody is safe.
Unless everybody uninstalls Java, Adobe Flash, and Adobe Reader. Then maybe we can rest a little easier. At least until the scumbags move to other targets.