The Inquirer-Home

Apple employees and Mac software hacked

Systems were infiltrated
Wed Feb 20 2013, 11:13
Apple logo

GLAMOUR GADGET HOUSE Apple has admitted that it fell victim to a security attack that made the most of workers visiting dodgy websites and vulnerabilities in Mac OS X.

Apple is supposed to be a leader in technology, but it is the latest of several firms that have revealed recent intrusions, and comes hot on the heels of Facebook admitting it was hacked.

According to a report at Reuters the attack used the same flaw in a version of Oracle's Java software as it did at the social network.

An unidentified Apple source told the news agency that the exploit was used against it and customers of its hardware.

"This is the first really big attack on Macs," said the source. "Apple has more on its hands than the attack on itself."

Apple said it is confident that no data has been lost or stolen. "Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," it said in a statement.

"We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware."

The firm added that it has a rather loose relationship with Java, adding that ever since Mac OS X Lion Mac computers have shipped without it installed.

"As an added security measure OS X automatically disables Java if it has been unused for 35 days," it said. "To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."

Apple's published a fix for the vulnerability that disables the Java plug-in on all Mac web browsers, and that is available through its support pages.

Oracle addressed the Java vulnerability earlier this month. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015