Apple and world HACKED by Facebook plunderers

Use a Mac? Have Java? You might have been pwned


Apple, Facebook and "hundreds of other companies" have had their Mac computers hacked in a sophisticated campaign mounted by an unknown adversary.

Attackers were able to infect Apple, along with other businesses around the world with Mac malware delivered via a Java zero-day vulnerability, Reuters reported on Tuesday, after receiving information from a source at Apple.

The hack used the same Java zero-day and associated Mac malware as the one which Facebook disclosed last week, the Apple source indicated.

Hundreds of companies, including defense contractors, have been infected with the same malicious software, the source said.

"This is the first really big attack on Macs," Reuters's source said, "Apple has more on its hands than the attack on itself."

Apple plans to release a software tool to detect and remove the Java-related malware, the company said in a statement to AllThingsD. Java has not shipped with Macs since the release of OS X Lion.

The Mac malware could have been used to deliver a backdoor onto the computers via the installation of an SSH Daemon, allowing hackers to remotely control parts of the affected system, Finnish virus experts F-Secure indicated in a blog post on Monday.

At the time, they classed the Facebook hack as a "watering hole" attack, which sought to target Facebook users by infecting the company behind the social network.

With the revelations from Apple, it appears the attack could have been part of a widespread hacking campaign against various companies including Facebook and Twitter as well.

At the time of writing Google had not responded to queries about whether it had also been targeted, and Microsoft declined to comment.

The news comes alongside the release of a report on Tuesday that linked the Chinese People's Liberation Army to hackers that have been mounting a "Cold War" style campaign against Western companies.

The report implicated the PLA in a variety of major hacking campaigns that have occurred over the past few years, including 2011's RSA hack that compromised SecurID encryption tokens. ®

Similar topics


Other stories you might like

  • Microsoft unveils Android apps for Windows 11 (for US users only)

    Windows Insiders get their hands on the Windows Subsystem for Android

    Microsoft has further teased the arrival of the Windows Subsystem for Android by detailing how the platform will work via a newly published document for Windows Insiders.

    The document, spotted by inveterate Microsoft prodder "WalkingCat" makes for interesting reading for developers keen to make their applications work in the Windows Subsystem for Android (WSA).

    WSA itself comprises the Android OS based on the Android Open Source Project 1.1 and, like the Windows Subsystem for Linux, runs in a virtual machine.

    Continue reading
  • Software Freedom Conservancy sues TV maker Vizio for GPL infringement

    Companies using GPL software should meet their obligations, lawsuit says

    The Software Freedom Conservancy (SFC), a non-profit which supports and defends free software, has taken legal action against Californian TV manufacturer Vizio Inc, claiming "repeated failures to fulfill even the basic requirements of the General Public License (GPL)."

    Member projects of the SFC include the Debian Copyright Aggregation Project, BusyBox, Git, GPL Compliance Project for Linux Developers, Homebrew, Mercurial, OpenWrt, phpMyAdmin, QEMU, Samba, Selenium, Wine, and many more.

    The GPL Compliance Project is described as "comprised of copyright holders in the kernel, Linux, who have contributed to Linux under its license, the GPLv2. These copyright holders have formally asked Conservancy to engage in compliance efforts for their copyrights in the Linux kernel."

    Continue reading
  • DRAM, it stacks up: SK hynix rolls out 819GB/s HBM3 tech

    Kit using the chips to appear next year at the earliest

    Korean DRAM fabber SK hynix has developed an HBM3 DRAM chip operating at 819GB/sec.

    HBM3 (High Bandwidth Memory 3) is a third generation of the HBM architecture which stacks DRAM chips one above another, connects them by vertical current-carrying holes called Through Silicon Vias (TSVs) to a base interposer board, via connecting micro-bumps, upon which is fastened a processor that accesses the data in the DRAM chip faster than it would through the traditional CPU socket interface.

    Seon-yong Cha, SK hynix's senior vice president for DRAM development, said: "Since its launch of the world's first HBM DRAM, SK hynix has succeeded in developing the industry's first HBM3 after leading the HBM2E market. We will continue our efforts to solidify our leadership in the premium memory market."

    Continue reading

Biting the hand that feeds IT © 1998–2021