Microsoft falls foul of Mac-based malware

Summary:Microsoft's Mac business unit hit with Java-exploiting malware that also claimed Facebook and Apple.

Microsoft joined Facebook and Apple over the weekend on the list of US technology titans that have targeted in recent cyberattacks.

"As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion," Microsoft's Trustworthy Computing team general manager Matt Thomlinson said in a blog post.

"During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organization."

There was no evidence that customer data was stolen, but an investigation into the attack was continuing, according to Thomlinson.

"This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries," he said.

Apple said on Tuesday that hackers invaded its system in an attack similar to one recently carried out against Facebook, but that it repelled the intruders before its data was plundered.

The maker of iPhones, iPads, iPods, and Macintosh computers said that it was working with law enforcement officials to hunt down the hackers, who appear to be tied to a series of recent cyberattacks on US technology firms.

"The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," Apple told AFP.

The malicious software, or malware, took advantage of a vulnerability in a Java program used as a "plug-in" for web-browsing programs.

A "small number" of computer systems at Apple were infected, but they were isolated from the main network, according the Silicon Valley-based company.

"There is no evidence that any data left Apple," Apple said.

Word of hackers hitting Apple came just days after leading social network Facebook said that it was "targeted in a sophisticated attack" last month, but that no user data was compromised.

Facebook said malware that infected some of its machines came from a mobile developer website that had been booby-trapped.

Early this month, Twitter said it was hammered by a cyberattack similar to those that recently hit major western news outlets, and that the passwords of about 250,000 users were stolen.

While those behind the attacks have yet to be identified, computer security industry specialists have expressed suspicions about China-sponsored hackers and eastern European crime gangs.

Topics: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.