BUSINESS

Apple Hack Signals No Company Safe From Latest Malware Attack

02/19/2013 07:30 pm ET

Apple said Tuesday its employees' computers had been hacked, signaling that even a company once thought to be hacker-proof is vulnerable to a sophisticated attack that has claimed a growing number of victims.

Apple said in a statement that malicious software had infected "a limited number" of employees' computers, but no customer data had been compromised.

"There is no evidence that any data left Apple," the statement said. "We are working closely with law enforcement to find the source of the malware."

The disclosure marked another blemish for a company that once owned a sterling reputation for security. While Microsoft customers have long complained about viruses in Windows software, Apple customers once thought they were safer. That's no longer true, experts said. As Apple's market share has grown, it has attracted more attention from hackers. Security researchers in April found that malware had infected more than 500,000 Mac computers in what was then the largest attack on Apple’s operating system.

"Apple has enjoyed less attention from malware writers, but that's changing," said Lysa Myers, a senior security analyst at Intego, which focuses on Apple security. "Macs are in the crosshairs now. They are a financially lucrative platform for malware and hackers know that and are exploiting that as we speak."

Apple is the latest company to reveal its employees had fallen for a trap laid by hackers on a third-party website visited by many software developers. Facebook said Friday its employees also were hacked when they visited the website, which neither Apple nor Facebook would name. The New York Times and All Things D identified the website as iPhoneDevSDK. The publications cautioned readers not to visit the site because it was still infected.

The compromised site appears to have claimed a long list of victims. Hundreds of companies, including defense contractors, had been infected with the same malware, a person briefed on the investigation told Reuters.

The hackers' identity and motive remains unclear. By targeting software developers, they may have hoped to gain insight into future products or to create back doors into a company's internal network, Myers said.

The hacks against Facebook and Apple were notable in part because they were disclosed at all. Companies that get hacked often keep that information to themselves. Facebook and Apple may have gone public to alert other developers who were unaware they had been infected by the same website, Myers said.

Facebook and Apple may also have revealed the hacking to get more assistance from the federal government in finding the source of the attacks, according Tom Kellermann, vice president of cybersecurity at Trend Micro.

"They have an obvious need for government incident response assistance ... to manage the infestation within their networks," Kellermann said in an email.

Both Apple and Facebook said their attackers exploited a flaw in Java -- a programming language widely used by website designers. Oracle, which makes Java software, has faced growing criticism for being slow to respond to its flaws. The Russian security company Kaspersky Lab has said that Java software was responsible for about half of all cyber attacks last year.

Security experts and the Department of Homeland Security have advised users to disable Java from their Web browsers. Last fall, Apple removed Java from customers' Web browsers when they installed the latest update to its Mac operating system.

Apple on Tuesday released an update for Mac users that scans Macs for malware and removes it.

Suggest a correction
Comments

CONVERSATIONS