Apple Attacked by Hackers That Hacked Facebook
According to Reuters, which has been in contact with Apple throughout the ordeal, the malware infects Mac machines by exploiting a flaw in Oracle's Java software used as a plug-in on web browsers. It's the same dirty code that was used in attacks against "other companies," though Apple refrained from specifying exactly how many firms had been hit with it.
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," an Apple spokesman said in a statement. "We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple."
Citing a "person briefed on the investigation into the attacks," Reuters says this is the same malware that has been used to infect hundreds of other companies, even defense contractors. It's also the highest-profile attack on Mac computers to date, as the majority of hacker attacks typically focus on Windows-based machines.
It will be interesting to see if this latest breach originates from China, a hotspot for cyber espionage. In a recent attack against The New York Times, the newspaper found evidence that the attackers may have had links to the Chinese military. More than just paranoia, an extensive report released today by Mandiant, an American cyber security company, presented further evidence than the Chinese government is sponsoring large scale cyber attacks. Mandiant pinpointed a large percentage of attacks on American businesses and government agencies to a 12-story office tower in Shanghai's Pudong district, Unit 61398 of China's People's Liberation Army (PLA). It's believed that just one of the many Chinese government-sponsored hacking groups is responsible for stealing hundreds of terabytes of data from at least 141 organizations since 2006.