Site used in malware attack on Apple, Facebook explains how it happened

Photo by Shutterstock / deepspacedave

The owner of a website that was a conduit used by hackers to breach employee computers at both Facebook and Apple has come forward to explain the events that took place last month. Ian Sefferman, co-founder of the iPhoneDevSDK website, said Wednesday in a blog post that he’d found evidence that the targeted attack came from an administrator account on his website that was compromised.

Though Sefferman says he believes the site is no longer infected, it’s safer not to visit the site for now — hence no link. Here’s how MacRumors reported Sefferman’s statement:

What we’ve learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user’s computers.

We’re still trying to determine the exploit’s exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.

He says he doesn’t believe any his site’s user data was actually compromised.

AllThingsDĀ was the first to report iPhoneDevSDK’s involvement in the attack.

Both Apple and Facebook blamed Java: each reported recently that some of their employees’ computers were infected by malware from a vulnerability in a Java browser plug-in. Apple has since released a software patch for Java for OS X. Both companies say no user data was stolen.

loading

Comments have been disabled for this post