In a sign of Apple's increasing vulnerability to hackers, some Mac computers belonging to Apple employees were infected with Java-related malware when the employees visited a software  development Web site, the company announced Tuesday.
The disclosure follows a similar Java-related cyberattack against Facebook that was revealed Friday and comes after President Barack Obama called on Congress in his State of the Union address to impose tougher legislation to protect American interests from cyberattacks.
Apple iPhones and iPads do not appear to be infected, and the Cupertino, Calif., company did not disclose how many of its employees' computers were infected or when. It issued a software fix Tuesday aimed at customers who already had installed Java on their Macs.
Windows-based operating systems have been the most popular targets of hacker attacks. But hundreds of thousands of Mac computers were hit last year with a Trojan horse virus called "Flashback" and the latest cyberattack is a troubling sign.
"Definitely, Macs are not as secure as they were previously," said Liam O Murchu, a researcher with Symantec. "Until last year, we hadn't seen a lot of Mac threats. This showcases that Macs are not invulnerable."
Neil Cook, chief tech officer for Cloudmark, which works on Internet security issues, said Apple's rising popularity makes it a bigger target for hackers.
"Apple's market size has always lagged behind," Cook said. "Now 1 in every 3 laptops sold is a Mac, so they've become extremely mainstream, and they've entered that sweet spot that hackers are looking for."
AllThingsD, a prominent tech industry blog, reported that both the Apple and Facebook attacks may have stemmed from one compromised Web site that is related to mobile development. The blog, citing sources close to the Facebook hacking probe, identified the site as iPhoneDevSDK and said it could also be connected to a recent Java-related Twitter hack that may have accessed up to 250,000 user names and passwords.
"The malware was employed in an attack against Apple and other companies, and was spread through a Web site for software developers," Apple said in a statement. "We identified a small number of systems within Apple that were infected and isolated them from our network . There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware." (continued...)
© 2013 San Jose Mercury News under contract with MarketWatch. All rights reserved.
|
