Following a string of disclosures from big tech and media companies that could point to a larger Chinese threat, Apple on Tuesday became the latest to admit that its internal computers had been hacked — and by the same malware malfeasance that got inside Facebook, which, according to Reuters, all trace back to China. An Apple statement, via AllthingsD, points to the same Java script malware that infected Facebook laptops as being the culprit with the attack on some Macs at Apple:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network.
No user information was compromised in the breach, as with the Facebook hack. Also like the Facebook hack, there's no official sign that the tech-company hacks are connected to a larger Chinese cyber-espionage campaign against the U.S. government, its companies, its infrastructure, and many organizations — a campaign that has now been tied to the Chinese People's Liberation Army. But even the most secretive and high-security American technology companies aren't safe, and now everyone's coming clean.
The break-in sounds almost exactly the same as those disclosed by Facebook and other in various hacking reports these days. "[Hackers] staged a sophisticated attack by infiltrating its employees' laptops," explains Reuters. In fact, many of the most sophisticated hacks tend to be the result of so-called "spear-phishing" campaigns, from the Defense Department on down. While that sounds like a relatively easy thing to avoid, these hackers must send some seriously convincing emails to fool the techies at Apple and Facebook — and probably Twitter.
Like all the other recently hacked companies, Apple says it is working with law enforcement agencies to defeat the hacker threat. Though, considering the extent of these hacks, that sounds relatively useless. As for Apple users, the company plans to release some sort of software to protect individual phones and tablets from the malicious software used in the breach. Per the statement: "To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."
This article is from the archive of our partner The Wire.
We want to hear what you think. Submit a letter to the editor or write to firstname.lastname@example.org.