
Hackers Worm Their Way into Apple

Feb. 19, 2013
Hackers appear not to have stolen data, Apple says. Malware spread through website for software developers. Malware took advantage of Java vulnerability. Facebook and Twitter hit by hackers recently. New report says many recent cyber attacks may be coming from China.

Apple on Tuesday said it was hit by hackers who wormed their way into the California company's system but evidently failed to steal any data.

The maker of iPhones, iPads, iPods, and Macintosh computers said it is working with law enforcement officials to hunt down the hackers, who appeared tied to a series of recent cyber attacks on U.S. technology firms.

"The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," Apple (IW 500/9) said in an email response to an AFP inquiry.

"We identified a small number of systems within Apple that were infected and isolated them from our network."

Java Vulnerability Exploited

The malicious software, or malware, took advantage of a vulnerability in a Java program used as a "plug-in" for Web browsing programs.

A "small number" of computer systems at Apple were infected but they were isolated from the main network, according to the Silicon Valley-based company.

"There is no evidence that any data left Apple," Apple said. "We are working closely with law enforcement to find the source of the malware."

Apple took the added steps of releasing a Macintosh computer operating system update that disables Java software that hasn't been used for 35 days or longer and a tool for finding and removing the malware.

Facebook Targeted Days Ago

Word of hackers hitting Apple came just days after leading social network Facebook said it was "targeted in a sophisticated attack" last month, but that it found no evidence any user data was compromised.

Facebook said Friday that the malware came from an infected website of a mobile developer and that "we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."

It was unclear whether it was the same website blamed for the attack on Apple.

The attackers used a previously unseen exploit taking advantage of a flaw in Java software made by Oracle, which was alerted to the situation and released a patch on the first of February, according to Facebook.

The hackers appeared to be targeting developers and technology firms, based on the website they chose to booby-trap with malicious code.

"Facebook was not alone in this attack," the Northern California-based company said.

"It is clear that others were attacked and infiltrated recently as well."

Early this month Twitter said it was hammered by a cyber attack similar to those that recently hit major Western news outlets, and that the passwords of about 250,000 users were stolen.

"This attack was not the work of amateurs, and we do not believe it was an isolated incident," Twitter information security director Bob Lord said in a blog post at the time.

Lord said there was an "uptick in large-scale security attacks aimed at U.S. technology and media companies."

China Cited as Growing Source of Cyber Attacks

The New York Times and The Wall Street Journal recently said that they had been hacked, and pointed to attackers from China.

Brazen cyber attacks on U.S. media and technology firms revived concerns over Chinese hackers, who analysts say are likely linked to the secretive Beijing government.

China's army controls hundreds if not thousands of virulent and cutting-edge hackers, according to a report Tuesday by a U.S. Internet security firm that traced a host of cyber attacks to an anonymous building in Shanghai.

Mandiant said its hundreds of investigations showed that groups hacking into U.S. newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them."

Mandiant Report Eyes APT1

The report focused on one group, which it called "APT1" from the initials "Advanced Persistent Threat."

"We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support," Mandiant said.

The group, it said, was believed to be a branch of the People's Liberation Army called Unit 61398, and digital signatures from its cyber attacks were traced back to the direct vicinity of a nondescript, 12-story building on the outskirts of Shanghai.

China's foreign ministry rejected "groundless accusations" of Chinese involvement in hacking and said China was itself a major victim, with most overseas cyber attacks against it originating in the U.S.

The Pentagon declined to comment directly on the report but said Defense Secretary Leon Panetta voiced U.S. dismay over digital threats in his visit to Beijing last year.

Copyright Agence France-Presse, 2013
