Tech titan Apple has admitted a number of its employees’ Mac machines have been compromised, purportedly by the same attackers who hit Facebook.
A small number of Mac machines were hit, reportedly by attackers using the same Java vulnerability and the same “watering-hole” website – a site for iOS developers – serving up the exploit.
Facebook said last week it had tracked the attack on its systems back to China. Twitter was also attacked this year, with fingers again pointed at China. Reports have suggested Twitter was targeted by the same hacking group that went after Apple and Facebook.
“Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” a statement sent to media from the Cupertino company read.
“The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers.
“We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple.”
Apple is now working closely with law enforcement on the case.
This week, security company Mandiant released a report suggesting a group associated with, or possibly part of, China’s People’s Liberation Army (PLA) was responsible for hitting a large number of English-speaking businesses, many based in the US. China has denied those claims.
Hacks on various media firms, including the New York Times and the Washington Post, have also been attributed to China, which it has also vociferously denied.
As for Java, which is at the heart of many notable recent breaches, Oracle today issued a critical patch update. It covered five vulnerabilities in Java, three of which were rated as critical.
Apple has released an update patching Java 6 for Mac OS X, as well as a Java malware removal tool.
Mac machines with OS X Lion, or a subsequent OS iteration, ship without Java. OS X also disables Java if it goes unused for 35 days.
Are you a security expert? Try our quiz!
After the United States imposes 100 percent tariffs on certain Chinese goods, Europe widens its…
OpenAI strikes deal with Reddit to train its AI tech on user posts and give…
Global spending spree from Microsoft continues, with huge investment for new data centre to drive…
Workforce blow. Newly privatised Toshiba has embarked on a 'revitalisation plan' that will entail the…
European Commission opens an official child safety investigation into Facebook and Instagram-owner Meta Platforms
Hundreds of AI and cloud engineers are being offered relocation out of China by Microsoft,…
