Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Hit By Hackers Who Targeted Facebook

Posted by Soulskill on from the getting-hacked-is-now-the-trendy-thing-to-do dept.

snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'"

7 of 148 comments (clear)

  1. Hackers reported that the malware "just worked." by crazyjj · · Score: 5, Funny

    Thank you folks, I'll be here all week.

    --
    What political party do you join when you don't like Bible-thumpers *or* hippies?
  2. Here's what Apple said on their website by Thrill+Science · · Score: 5, Funny
    They have since removed this:

    Highly secure by design

    Mac OS X doesn't get PC viruses. And with virtually no effort on your part, Mac OS X protects itself from other malicious applications. It was built for the Internet in the Internet age, offering a variety of sophisticated technologies that help keep you safe from online threats. Because every Mac ships with a secure configuration, you don't have to worry about understanding complex settings. Even better, it won't slow you down with constant security alerts and sweeps. And Apple responds quickly to online threats and automatically delivers security updates directly to your Mac.

  3. Re:That's Impossible! by ByOhTek · · Score: 5, Insightful

    Funny, if it's Windows that gets hit, the first thing said around here is that the OS should be secure enough to prevent such attacks.

    And, unless the attack affects one user account only... They are right. That goes for Windows, MacOS, Linux, *BSD, and INSERT_ANY_OTHER_FSCKING_OS_HERE

    --
    Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
  4. Re:That's Impossible! by v1 · · Score: 5, Informative

    Apple's advanced 1969-era OS is "secure by design". It is immune from viruses, and there's no need to run a virus scanner.

    Trojan != Virus for the love of god trolls, please learn this. I am sooo tired of hearing trojans being called viruses. They're both "malware", but that's where it ends.

    Anyway, this is why Apple is getting really sick and tired of Flash and Java, they've been the top two security thorns in their side for the last decade. Feeding the Apple bashers and giving Apple a bad rap. Apple doesn't write the flash or java interpreters, they don't have much control over the code monkeys at oracle and adobe.

    --
    I work for the Department of Redundancy Department.
  5. Re:Hackers reported that the malware "just worked. by pszilard · · Score: 5, Informative

    Being that this was a Java exploit which required a visit to a website at the least, I would say that those that got infected have more time on their hands than they know what to do with.

    That was a bit quick to jump to conclusions:

    Rather than using typical targeted approaches like "spear phishing" with e-mails to individuals, the attackers used a "watering hole" attack—compromising the server of a popular mobile developer Web forum and using it to spring the zero-day Java exploit on site visitors.

    "The attack was injected into the site's HTML, so any engineer who visited the site and had Java enabled in their browser would have been affected," Sullivan told Ars, "regardless of how patched their machine was."

    Source: http://arstechnica.com/security/2013/02/facebook-computers-compromised-by-zero-day-java-exploit/

  6. Re:That's Impossible! by v1 · · Score: 5, Interesting

    They don't like it because you have to run an update twice a week to keep up with the latest exploits found in flash and java. IF oracle/adobe were generous enough to roll up an update this week for the new exploits.

    And the boneheads at oracle kept insisting on rolling up whole new installers most of the time, that would only work if you had the previous version installed. (installer or updater make up your mind!) So you'd install vers 10, then 11, then 12, then 12.1, then 13, then 14, most of which were 55-56mb each. Idiots. Java needs to die in a fire. And I'll bring the marshmallows.

    It's not entirely oracle and adobe's fault though really... they're just keeping it up because devs keep using it. I'll admit it, writing games in flash (or java) is pretty quick and easy. But quick-n-easy comes at a price, a price to the users

    --
    I work for the Department of Redundancy Department.
  7. Re:Apple users by Macgrrl · · Score: 5, Informative

    I used to do Mac support and have spent plenty of time removing viruses from the old Mac System 6/7/8/9.x machines. I have never seen a Mac OSX virus 'in the wild'.

    Like any other form of security theatre, if you go long enough without being attacked, you get alert fatigue and begin to consider the threat negligible or non-existent and begin to consider yourself immune. I don't even have an anti-virus software on my home computers and would probably need to hear about a mass outbreak before I would consider installing any given my experiences of the performance hit windows machines seem to take when running anti-viral software.

    I used to swear by McAffe or Norton's, now I consider them potentially worse than half the malware out there for how they turn a perfectly good machine to molasses.

    --
    Sara
    Designer, Gamer, Macgrrl in an XP World