In a surprising turn of events, Apple employees found themselves a victim of hackers earlier this week, as malicious software was placed on their machines after visiting the iPhoneDevSDK website, an online forum for software developers. Interestingly, the hackers also targeted Facebook with this attack.
"What we've learned is that it appears a single administrator account was compromised," posted one of the iPhoneDevSDK administrators earlier today. "The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user's computers."
As a result, Apple and Oracle updated its versions of Java for OS X to close the hole that caused this security breach, and they have also issued a separate malware removal tool. If users' machines are infected, they will be notified upon installation of the Java updates and can download a separate malware removal tool to get rid of the malicious code.
The updates are available for download via Apple's website, as well as through the Software Update function on Macs. iPhoneDevSDK reports that the threat does not appear to be ongoing, but all Mac users are advised to update their software in order to ensure the safety and security of their machines.
Comments