Apple Employees Hacked via Java Plugin Exploit
Apple reported some of its employees were hacked through a Java plugin exploit served through a developer website, but no evidence of data theft was revealed.
The few computers compromised were unplugged from the network and are pending investigation as to the source of the attack. The company believes the malware was designed for other companies as well and that it’s part of a larger operation.
“Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” Apple said in a statement. “The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers.”
Apple also emphasized the company has completely stripped Java from the default configuration of OS X Lion. If unused for 35 days, it will automatically be uninstalled. An update addressing the Java malware responsible for current issue was released to ensure that no other users are affected.
With security firm Mandiant saying that most recent hacking attacks originated from China – conducted by Unit 61398, the country’s People’s Liberation Army – experts assume the attack on Apple’s computers might have been orchestrated by the cyber espionage group. China said it had no part in these attacks.
“Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days,” said Apple. “To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.”
In January, the U.S. Department of Homeland Security issued a warning that users should disable Java, as it can easily be weaponized and used for various attacks. Although it was referring to a different Java bug, the advice is still sound.