Apple Hit By Hackers Who Targeted Facebook

snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'"

Re:That's Impossible!

[guruevi]

Yes, Unix is secure by design and Mac OS X has a built-in virus scanner. There is no need to run additional software as none of it would've stopped this exploit short of disabling Java (which was also lauded as secure by design/sandboxing)

Re:That's Impossible!

[kthreadd]

According to TFA the eploit was in Oracle's version of Java, a third party product that was installed on the machine. Hardly something that the OS could be blamed for.

Re:That's Impossible!

[Thrill Science]

Virus scanners on Windows catch Java exploits! Having a virus scanner technology could have prevented this.

Re:There is no OS-based security.

[gstoddart]

I also have an android phone, and I'm near certain it'll get malware from an advertisement someday, because I have no means of blocking anything.

AdBlock runs just fine on an Android phone, in case you didn't know. I put it on mine pretty much the day I got it.

Re:That's Impossible!

[FrankSchwab]

Well, not having the details at hand (although I did RTFA), it seems that the OS allowed a user app to corrupt the system.

So, yes, I can blame it on the OS. Java may have been the initial vector that allowed the malware entry to the system, but the OS allowed the malware to do things it shouldn't have been able to.

Re:That's Impossible!

[v1]

Apple's advanced 1969-era OS is "secure by design". It is immune from viruses, and there's no need to run a virus scanner.

Trojan != Virus for the love of god trolls, please learn this. I am sooo tired of hearing trojans being called viruses. They're both "malware", but that's where it ends.

Anyway, this is why Apple is getting really sick and tired of Flash and Java, they've been the top two security thorns in their side for the last decade. Feeding the Apple bashers and giving Apple a bad rap. Apple doesn't write the flash or java interpreters, they don't have much control over the code monkeys at oracle and adobe.

Re:Hackers reported that the malware "just worked.

[pszilard]

Being that this was a Java exploit which required a visit to a website at the least, I would say that those that got infected have more time on their hands than they know what to do with.

That was a bit quick to jump to conclusions:

Rather than using typical targeted approaches like "spear phishing" with e-mails to individuals, the attackers used a "watering hole" attack—compromising the server of a popular mobile developer Web forum and using it to spring the zero-day Java exploit on site visitors.

"The attack was injected into the site's HTML, so any engineer who visited the site and had Java enabled in their browser would have been affected," Sullivan told Ars, "regardless of how patched their machine was."

Source: http://arstechnica.com/security/2013/02/facebook-computers-compromised-by-zero-day-java-exploit/ [arstechnica.com]

Re:You can sense the glee in the writeups...

[Anonymous Coward]

Any IT worker that has to deal with:

EMC SAN Management
Brocade SAN Switch Management
Citrix Netscalers
Various random pieces of network equipment with horrible GUIs
etc, etc, etc.

If a device has a web gui that is doing anything remotely complicated, 99% chance it will require Java. Bonus points if it requires an ancient old version to work.

Re:WHAT popular mobile developer Web forum?

[tsamsoniw]

According to The New York Times: "But according to a person with knowledge of Facebook’s investigation, the compromised site, iPhonedevsdk, an online forum for software developers, is still infected. (In other words, unless you want to be owned by hackers, do not visit the site.)" http://bits.blogs.nytimes.com/2013/02/19/apple-computers-hit-by-sophisticated-cyberattack/ [nytimes.com]

Re:Apple users

[Macgrrl]

I used to do Mac support and have spent plenty of time removing viruses from the old Mac System 6/7/8/9.x machines. I have never seen a Mac OSX virus 'in the wild'.

Like any other form of security theatre, if you go long enough without being attacked, you get alert fatigue and begin to consider the threat negligible or non-existent and begin to consider yourself immune. I don't even have an anti-virus software on my home computers and would probably need to hear about a mass outbreak before I would consider installing any given my experiences of the performance hit windows machines seem to take when running anti-viral software.

I used to swear by McAffe or Norton's, now I consider them potentially worse than half the malware out there for how they turn a perfectly good machine to molasses.

Re:Hackers reported that the malware "just worked.

[theVarangian]

Being cross platform still means it affected Macs. So the GPs tirade against the idea that Macs are immune to malware is valid. The GP was not claiming that other systems were immune to it.

No Apple user I know and who has even basic knowledge of what malware is claims Macs are immune to malware. Even totally clueless 'drone' type users don't assume that. I know because a friend of mine has a small Apple shop and people regularly show up at his dealership and ask about infection risks on OS X and half the time they walk out with a free info booklet on malware and having bought a basic anti malware suite (he installs and configures it for free). This guy is just another nerdy zealot venting his irrational hatred of all things Apple. That "OS X is immune to malware and h4x0rs" mantra is so old it has whiskers on it and regurgitating it makes him just as lame as those sad plonkers who still spell Microsoft with a $ sign.

Re:Hackers reported that the malware "just worked.

[theVarangian]

You do realise that this was a bug in Oracle Java don't you? That's a cross platform vulnerability, the Mal/JavaJar-B trojan for example also affected Windows, Linux and Unix systems.

A few years ago, when Apple shipped iPods with Windows Virus they said "As you might imagine, we are upset at Windows for not being more hardy against such viruses... [apple.com]". So now they now should be upset with themselves.

Actually, before you ripped it out of context, the full quote was: "As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it." So even at the time they admitted they were upset with themselves even though they could't help but take a shot at Microsoft for reasons that have to do with events that took place while you were probably still in diapers. Come to think of it I could fill a book with snide comments by Linux Fanbois about Windows security made on this forum, comments that ignore the fact that there is way more malware targeted at Windows than there malware targeted at Linux. If you take that into account Microsoft is doing a pretty good job on security, snide comments by Apple Marketing drones and Slashdot Linux fanbois not withstanding.