Unidentified hackers have taken a bite out of Apple
by infecting several Mac
computers belonging to employees, the Cupertino company revealed today. The machines were infected when employees visited a hacked website intended for software developers. Apple believes those responsible are the same ones who attacked Facebook
and other companies in recent days.
According to Reuters
, which has been in contact with Apple throughout the ordeal, the malware infects Mac machines by exploiting a flaw in Oracle's Java software used as a plug-in on web browsers. It's the same dirty code that was used in attacks against "other companies," though Apple refrained from specifying exactly how many firms had been hit with it.
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," an Apple spokesman said in a statement. "We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple."
Citing a "person briefed on the investigation into the attacks," Reuters
says this is the same malware that has been used to infect hundreds of other companies, even defense contractors. It's also the highest-profile attack on Mac computers to date, as the majority of hacker attacks typically focus on Windows-based machines.
It will be interesting to see if this latest breach originates from China
, a hotspot for cyber espionage. In a recent attack against The New York Times
, the newspaper found evidence that the attackers may have had links to the Chinese military. More than just paranoia, an extensive report released today by Mandiant
, an American cyber security company, presented further evidence than the Chinese government is sponsoring large scale cyber attacks. Mandiant pinpointed a large percentage of attacks on American businesses and government agencies to a 12-story office tower in Shanghai's Pudong district, Unit 61398 of China's People's Liberation Army (PLA). It's believed that just one of the many Chinese government-sponsored hacking groups is responsible for stealing hundreds of terabytes of data from at least 141 organizations since 2006.