This iPhone Developer Forum Is Responsible For Hacking Apple Employees' Macs | Cult of Mac

This iPhone Developer Forum Is Responsible For Hacking Apple Employees’ Macs


Do not visit this site.
Do not visit this site.

Earlier today it was reported that Apple’s computers had been compromised by a zero-day exploit in Java. Apple quickly released an update to patch the flaw for all Macs, but not before some of its own employees had been hacked.

The hack in question affected more than just Apple; Silicon Valley giants like Facebook and Twitter were also compromised. How exactly were hackers able to gain access to some of the biggest tech companies’ computers? The source is a single web forum for iPhone development.

A site called iPhoneDevSDK has been revealed as the means by which a dangerous exploit was injected via a Java plugin. We’re not linking to the site here because it could still contain malware. Apparently the site has gone under maintenance since the exploit was discovered earlier today.

This is an example of a “watering hole” attack. Instead of targeting specific individuals, the exploit was planted inside a common destination that many tech company employees visit on a regular basis. iPhoneDevSDK is a widely used forum for those who want to learn more about developing for the iOS platform. Both Facebook and Twitter have apps in the iOS App Store.

If you keep your Mac up to date, you’re safe from exploits such as this one.

Source: AllThingsD


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.