Java-based cyberattack hits developers at Microsoft, Facebook, Apple

Mac-using iPhone developers are the latest targets of a widespread, sophisticated cyberattack.

Microsoft revealed yesterday that it got hit with the same kind of Java-based hack that targeted Apple and Facebook earlier this year, and which may also have compromised Twitter, spilling secrets on 250,000 of its customers.

The Microsoft attack seems to have had a smaller impact than the others.

“During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations,” Microsoft wrote.

It’s not clear if all three companies were targeted by the exact same attacker, but the techniques used were similar:

  • Programmers within the targeted company visited a website aimed at mobile app developers, probably iPhone developers specifically.
  • The website infected the programmers’ computers, via their web browser’s Java plugin. Initially the malware appears to have targeted Macs, but Reuters reports that there is also a version that targets Windows PCs.
  • The malware on the developer computers then attempted to transmit information back to the hackers.

It’s not clear from these reports exactly how much information got leaked, or what kind of information the hackers were seeking. Microsoft says no customer data was compromised. Facebook also said earlier this month that no customer data got out.



Twitter wasn’t so lucky: 250,000 of its customer accounts were compromised, with hackers making off with usernames, hashed passwords, and session IDs.

Also unclear: the source of these attacks. However, Reuters reports that the attacks may have originated in China. A widely publicized report from Mandiant this week identified a People’s Liberation Army unit, called APT1, which it claims has been responsible for a long-term, sophisticated cyber espionage campaign.

Apple responded earlier this month by issuing its own patch for OS X. Oracle, which publishes Java, issued its own patch later.

As a side note: Apple has not shipped Java since Mac OS X Lion — which launched in July of 2011 — and also disables Java if it has not been used in 35 days.

That’s looking more and more like a wise idea.

