Yesterday it was reported that malware had infiltrated the Macs of Apple’s employees. It was big news because this is the first attack to affect Apple internally on such a big scale. The source of the malware was traced back to a popular forum for iPhone developers called iPhoneDevSDK. A vulnerability in a Java plugin on the site allowed for hackers to hijack the plugin and use it to insert malware.
While iPhoneDevSDK has been a dangerous site to visit due to the hack, the site’s administration has confirmed that it is “clean” to use again.
Ian Sefferman runs iPhoneDevSDK, a widely used forum for developers interested in the iOS platform and App Store. The site has 200,000 registered accounts, and unknown hackers commandeered a single admin account on the forum to gain access to the site’s code and inject a sophisticated JavaScript exploit. “As the most widely read dedicated iOS developer forum, we’re targeted for attacks frequently,” said Sefferman in a forum post. What’s interesting is that Apple never reached out to Sefferman about the hack before going public with the news yesterday.
According to Bloomberg, the attack most likely originated from a “gang of hackers” in Eastern Europe who wanted to steal company secrets. Apple wasn’t the only tech giant that was hacked; Facebook and Twitter fell victim to the malware too.
Via: The Verge
