iOS Developer Site At Core of Facebook, Apple Watering Hole Attack 88
msm1267 writes "The missing link connecting the attacks against Apple, Facebook and possibly Twitter is a popular iOS mobile developers' forum called iphonedevsdk which was discovered hosting malware in an apparent watering hole attack that has likely snared victims at hundreds of organizations beyond the big three. It's not clear whether the site remains infected, but researcher Eric Romang dug into the situation and determined that the site was hosting malicious JavaScript that was redirecting visitors to another site, min.liveanalytics. That site had been hosting malware as of Jan. 15."
Most comments below... (Score:3, Insightful)
Re:Mac Users Do a Software Update (Score:2, Insightful)
Any user with Java on their system, regardless of OS, should do an update (or disable Java...).
Re:LOL (Score:0, Insightful)
Apple is in charge of Java on Mac. Oracle has nothing to do with it on their platform.
Re:LOL (Score:4, Insightful)
Of course this does not apply to Windows where hacks via flash, java, quicktime, etc are definitely the fault of the Windows OS, probably Bill Gates in particular, as he's the devil. That's always been the consensus on slashdot.
Re:LOL (Score:4, Insightful)
Since the exploit was in Oracle Java I would blame Java, not the operating system which dutifully let the program run.
Well that counts out just about every Windows exploit from being Microsoft's fault then, after all Windows was just dutifully letting the program run. Do you know nothing about security? If you can exploit a user level application to compromise the system then it is the system's fault.