Apple employees’ machines attacked by Chinese hackers
AllThingsD reports that a small number of computers owned by Apple employees were hacked through a vulnerability in the Java browser plug-in. The attack, which was first highlighted by Reuters, was apparently carried out by the same group of China-based hackers that recently targeted the machines of Facebook employees.
Apple confirmed the attack to AllThingsD:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” the company said in a statement to AllThingsD. “The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Since the launch of OS X Lion in July 2011, Apple no longer ships Macs with Java installed, however some third-party applications such as Adobe Photoshop CS6 require it to operate.
To protect users that do have Java installed, Apple will be releasing an updated software tool that will check for and remove any Java-related malware.