Apple was hacked, small number of Macs infected

Over the past few weeks, we have heard from many different companies who have stated that they have been hacked by foreign entities. If you are keeping a list at home of the companies who have been infiltrated, you can add Apple to that list. 

While there is no indication in the report that China, or any other foreign body was involved, it is believed that the same group that attacked Facebook also targeted Apple.

Apple provided the following statement on the breach to Loopinsight:

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” Apple said in a statement the company provided to The Loop. “The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.

“Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.

The company has stated that a small number of computers were infected but that the threat has since been resolved. Apple also stated that there is no evidence that any information was stolen

There is little to go on about how the hackers were able to penetrate Apple’s security safeguards and Apple is reported to be working with law enforcement to track down the hackers. The breach occurred by infiltrating a small number of employee laptops but the attack must have been quickly stopped as all of Apple’s data remained safe. 

Source: Reuters

Report a problem with article
Previous Story

Apple reportedly planning a Retina MacBook Air for Q3 2013

Next Story

Apple fixes iOS 6.1 bug that hit Microsoft Exchange users

29 Comments

Commenting is disabled on this article.

Geez, Apple haters don't care about facts do they, just just have a go.

One day Java won't exist. What a wonderful day that will be.

Brian Miller said,
Again, no good reason to install or develop in Java.

Meanwhile, in the real world.
Those of use who have heterogeneous IT infrastructures know that Java is still the best way to optimize our labour force.

there is no evidence that any information was stolen....all of Apple's data remained safe.

Is there evidence that it wasnt? I mean, if their safe guards didnt detect the initial intrusion, how can they say that no data was transferred? Any time i hear a company say "There is no evidence that privacy was breached" or some variation, I cant help but think what they are saying is
hell, i dont know...it could be 50/50...maybe it was stolen, maybe it wasnt

Companies deploy systems that monitor data that was accessed, by who, and at what time (among other things). If there is no log file stating that data was accessed then there is a good bet that the data really wasn't accessed. The only way to hide accessing the data would be to remove these generated logs, but that is extremely difficult unless you have a detailed knowledge of what systems they use and where they store things.

P.S. Their systems did detect the initial intrusion, that's how this article was written. If the systems didn't no one would have known about the breach and you wouldn't be hearing about it here.

I would say none of those points are valid.

The article states the vulnerability was in a java plugin for the browser of individual laptops (a "limited number", meaning more than 1 and less than "OH SNAP!"). If they detected the initial intrusion, then the others would not have been infected. It also does not state how the site that delivered the hack was accessed: Was it on a public wifi, at home, or at work? 2 of those 3 allow for machines to be infected w/o apple control. So either the initial intrusion was missed, some of the machines were infected off site, or all the machines were accessed at once...and caught at once.

Also, there is no rule that says hackers are not able to access data by impersonating a legit user.

Were the computers running an Apple OS, or Windows? Just because the company hacked was Apple, doesnt mean they were using Macs...or the Mac OS.

thats a good point, although i have a hard time believing they arent using OSx...but the article does say "laptops", and not "Macbooks"...lol.

MikeInBA said,
thats a good point, although i have a hard time believing they arent using OSx...but the article does say "laptops", and not "Macbooks"...lol.

Well, I know Microsoft has Apple hardware at their facility. Probably used for testing and developing software on other platforms.

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,”

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” Apple said in a statement the company provided to The Loop. “The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.

“Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.

Hmmm, either the article was updated, or the NyQuil hasnt worn off yet. Either way, thanks for pointing that out and taking it easy on me. haha

techbeck said,
Were the computers running an Apple OS, or Windows? Just because the company hacked was Apple, doesnt mean they were using Macs...or the Mac OS.

it's obviously the same attack that has infected Facebook employees running on OSX.

FYI, it's a drive-by download malware that infects both OSX and windows when Java is installed, thanks to a 0day flaw (now patched)

techbeck said,
Were the computers running an Apple OS, or Windows? Just because the company hacked was Apple, doesnt mean they were using Macs...or the Mac OS.

Apple does develop iTunes and Quicktime. So it would be good for some clarification. Perhaps those who hacked could post an update if the systems hacked were OS X, Windows or maybe even Linux/Unix.

techbeck said,

Well, I know Microsoft has Apple hardware at their facility. Probably used for testing and developing software on other platforms.


Yes, both companies use both platforms. Microsoft develop MS Office for Mac which is actually quite a software suite, and Apple develop iTunes, QT, and of course need to test Boot Camp too.

Since we're talking Java here, this perhpas doesn't matter that much though, because Java applets are cross-platform by design.

neonspark said,
but they get no viruses!
Since about two years ago, Apple has changed their wording to say they "Don't get Windows viruses."

I'm just wait for MS to start advertising Windows 9 as "immune to Mac viruses".

kelvinguy85 said,
couldn't of happened to a better company laughing my ass off

Unless they didn't actually get hacked, and wanted to feel special like the others so they are just saying they did.

firey said,

Unless they didn't actually get hacked, and wanted to feel special like the others so they are just saying they did.

If they manage to kill off Java in the process, I don't mind at all!