A site for iPhone developers called iphonedevsdk.com was the hub for a Java Zero Day attack on Twitter, Facebook and Apple.

Investigators identified the site as having been the center of a “waterhole” attack, where users end up drawn to the site in question because of its content, according to a Bloomberg report.

Hiding Code into JavaScript
Adobe Mitigation Plan for Zero Day
Trojan a Work of ‘Poetry’
Ransomware Encrypts Data

The target was iOS developers who used the site’s forums to discuss developing for Apple’s devices. iPhoneDevSDK.com confirmed it suffered a compromise and a single administrator’s account was able to modify the site’s theme and add malicious JavaScript to all the site’s pages. The site said the hacker removed the JavaScript on January 30 and it only found out it had suffered compromise when they ended up identified in an AllThingsD article which cited Facebook. Anyone who accessed the site should check for malware on their systems.

Apple is the latest company to reveal it found malware on employees’ laptops, apparently delivered using those drive-by attacks. The methodology appears to be very similar to what Facebook revealed it had been subject to in January. Apple gave no time frame for when it ended up attacked, but, according to Bloomberg, Apple was the first to discover the attacks. Investigators said they suspected the attacks were the work of Eastern European criminals rather than any state-sponsored hacking group.

Schneider Bold

Apple said it had “identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple.”

Apple also released an update to its Java 6 in Mac OS X which completely removes Java plugin support and directs users to Oracle for their Java 7 and plugin support. Oracle, who released an emergency patch for 50 vulnerabilities on Feb. 1 – in what appears to have been a response to the Facebook and Apple attacks – has released an updated version of that emergency patch with a handful of critical holes also closed.

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest

Share This