Apple Hacked by Group That Targeted Facebook

In an unexpected turn of events, Apple said on Tuesday that the same hackers that targeted Facebook have hacked the Mac computers of some employees; the widest-known cyber attacks against Apple-made computers to date, Reuters reported.

The group had used a Java web browser plugin exploit to launch an attack against Facebook, and today they managed to hack Apple’s computers as well as Mac computers used by other companies as Apple reported without elaborating on the scale of the assault.

The Cupertino company replied immediately saying it identified the malware “which infected a limited number of Mac systems through vulnerability in the Java plugin for browsers,” am Apple spokesperson informed AllThingsD.

The Loop also has a statement from Apple saying that the malware was employed in an attack against Apple and other companies, and it was spread through a website for software developers. The Mac manufacturer has identified a “small number of systems within Apple” infected with the malware, and isolated them from their network. “There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware,” Apple said to Jim Dalrymple.

For those unaware, Apple has decided to ship its Mac computers without Java pre-installed, and they even added an extra layer of security to Mac OS X that automatically disables Java if it has not been used for 35 days.

Apple, however, replied to the cyber attack by issuing a software update now available in the Mac App Store or through the Software Update section if you are running an earlier version of Mac OS X. The Java for OS X 2013-001 1.0 addresses the aforementioned security hole hackers have used to hack Mac computers. Java for OS X 2013-001 delivers improved security, reliability, and compatibility for Java SE 6. Java for OS X 2013-001 supersedes all previous versions of Java for OS X. This update uninstalls the Apple-provided Java applet plug-in from all web browsers and also removes the Java Preferences application, which is no longer required to configure applet settings, Apple’s support page informs.

Have you started downloading the update? If not, do it now!

[Via Reuters, LoopInsight]