This iPhone Developer Forum Is Responsible For Hacking Apple Employees’ Macs

Do not visit this site.

Do not visit this site.

Earlier today it was reported that Apple’s computers had been compromised by a zero-day exploit in Java. Apple quickly released an update to patch the flaw for all Macs, but not before some of its own employees had been hacked.

The hack in question affected more than just Apple; Silicon Valley giants like Facebook and Twitter were also compromised. How exactly were hackers able to gain access to some of the biggest tech companies’ computers? The source is a single web forum for iPhone development.

A site called iPhoneDevSDK has been revealed as the means by which a dangerous exploit was injected via a Java plugin. We’re not linking to the site here because it could still contain malware. Apparently the site has gone under maintenance since the exploit was discovered earlier today.

This is an example of a “watering hole” attack. Instead of targeting specific individuals, the exploit was planted inside a common destination that many tech company employees visit on a regular basis. iPhoneDevSDK is a widely used forum for those who want to learn more about developing for the iOS platform. Both Facebook and Twitter have apps in the iOS App Store.

If you keep your Mac up to date, you’re safe from exploits such as this one.

Related

About the author

Alex HeathAlex Heath has been a staff writer at Cult of Mac for three years. He is also a co-host of the CultCast. He has been quoted by the likes of the BBC, KRON 4 News, and books like "ICONIC: A Photographic Tribute to Apple Innovation." If you want to pitch a story, share a tip, or just get in touch, additional contact information is available on his personal site. Twitter always works too.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , , , , , , |