Apple hacked by same group that attacked Facebook

The iPhone and iPad maker said today that it is working with law enforcement to identify the hackers that breached its internal network. The same Java exploit that was used to attack Facebook was also to blame for allowing the hackers in to Apple's network.
Written by Zack Whittaker, Contributor

The same group of hackers that attacked Facebook last month also successfully attacked Apple, the company revealed today.

The Cupertino, Calif.-based technology giant told the Reuters news agency that while its networks were successfully breached, there was "no evidence that any data left Apple."

It's almost exactly the same wording used by Facebook last week when it disclosed it had also been hacked.

A small number of the company's employees Mac computers were hit by the hack, which exploited a vulnerability in the Java Web plug-in. 

A Java malware removal tool will be issued to OS X users later today that will prevent other Mac owners from being attacked in the same way.

Facebook suffered a breach to its internal network last month by hackers, but no data was taken, the company said. The hackers used the same active Java zero-day exploit to attack the company's network. Facebook's dedicated security team noted a suspicious domain in its corporate domain name (DNS) logs, which was traced to an employee's laptop. Numerous other laptops were compromised, cleaned and disinfected from malware.

Oracle, the developer of Java software, subsequently patched the exploit in a February 1 security fix.

In the past few weeks, a spate of semi-successful hacking attempts at Western companies by Chinese hacking groups—state sponsored or otherwise, it remains unclear—from The New York Times to The Wall Street Journal.

Apple did not comment further on the hack, but the firm said in a statement sent to our sister site CNET:

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.

Editorial standards