“At least 40 companies including Apple Inc., Facebook Inc. and Twitter Inc. were targeted in malware attacks linked to an Eastern European gang of hackers that is trying steal company secrets, two people familiar with the matter said,” Michael Riley and Adam Satariano report for Bloomberg.
“Apple, one of three victims to publicly disclose attacks this month, said some of its internal Mac systems were affected by a malware attack,” Riley and Satariano report. “The hackers used an iPhone-developer website, according to the people familiar with law enforcement efforts, including investigations by the FBI and Secret Service, and didn’t want to be identified because of the probe.”
Riley and Satariano report, “The attack is part of the same series of invasions that also led to recently disclosed breaches at Facebook and Twitter, according to investigators working with the companies. Apple was the first to discover the attack, one of the people said. The hackers appear to be seeking company secrets, research and intellectual property they can sell underground, the people familiar with the matter said. While such attacks have previously been associated with China, sophisticated criminals in other countries have now successfully hacked corporate networks.”
Read more in the full article here.
MacDailyNews Note: Reportedly, the attacks used a Java vulnerability or vulnerabilities. Apple issued a Java update yesterday which uninstalls the Apple-provided Java applet plug-in from all web browsers. To use Java applets, users must get the latest version of the Java applet plug-in directly from Oracle.
Related articles:
Apple releases Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 13 – February 19, 2013
Some Apple Inc. employees hit by same hackers who targeted Facebook last week – February 19, 2013
Bad Java: Apple blocks Oracle’s latest Java version via OS X anti-malware system – January 31, 2013
Why fixing the Java flaw will take so long – January 16, 2013
How to kill Java dead, dead, dead; this outdated tech must be exterminated – January 15, 2013
Java 7 update 11 security patch fixes nothing; users advised to disable Java – January 14, 2013
Oracle releases Java Version 7 Update 11 – January 14, 2013
Oracle Corp to fix Java security flaw ‘shortly’ – January 12, 2013
Apple blocks OS X Java 7 plug-in as U.S. Department of Homeland Security warns of zero day threat – January 11, 2013
Apple makes OS X even more secure for Mac users by removing Java – October 19, 2012
Apple uninstalls Java applet plug-in from all web browsers – October 17, 2012
New zero-day Java exploit puts 1 billion PCs and Macs running OS X 10.6 or earlier at risk – September 26, 2012
Warning: New Java trojan targets Apple’s OS X along with Windows, Linux – July 11, 2012
Apple releases Java Update to remove Flashback trojan – April 12, 2012
OS X trojan variant preys on Mac users with unpatched Java – February 27, 2012
Jobs: Having Oracle, not Apple, release timely Java updates better for Mac users – October 22, 2010
Apple deprecates its release of Java for Mac OS X – October 21, 2010
So are the Chinese paying Bloomberg News to tell the world that these hackers are from Eastern Europe?
No! It’s probably GOOG, MSFT & Sammy that are paying Bloomberg News to tell the world that these hackers are from Eastern Europe.