Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 19, 2013, 06:05 PM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Apple Employees Hacked By Visiting iPhoneDevSDK




As reported by The New York Times, the software development website responsible for seeding malicious software to Mac computers at Apple, Facebook, and presumably Twitter has been revealed by a person who was involved with the investigation at Facebook.

The compromised site, iPhoneDevSDK, is an online forum designed for software developers. The site is still infected, and visiting it is not recommended.

At this time, it is unknown if the site had any involvement in the attacks, though it is likely that it was the work of third party hackers given the site's prominent standing as a dedicated community for iPhone developers.

Apple this morning announced that a small number of its employees' computers had been compromised through the Java plug-in vulnerability, an issue that has now been fixed with the Java update and malware removal tool released by Apple this afternoon.

Mac users can determine whether or not they have been affected by the security flaw by installing the Java update, which will notify a user if malware is found. Apple says that the Java update and malware removal tool will "remove the most common variants of malware."

As noted by The Next Web, iPhoneDevSDK is currently in maintenance mode.

Article Link: Apple Employees Hacked By Visiting iPhoneDevSDK
MacRumors is offline   0 Reply With Quote
Old Feb 19, 2013, 06:07 PM   #2
gmanist1000
macrumors 68020
 
gmanist1000's Avatar
 
Join Date: Sep 2009
Hacked this hacked that... this is turning out well for cyber-security enthusiasts.
gmanist1000 is offline   0 Reply With Quote
Old Feb 19, 2013, 06:08 PM   #3
maxosx
macrumors 68020
 
Join Date: Dec 2012
Location: Southern California
The amount of breaches no matter the platform is truly getting out of control. It's time for increased focus by all in the tech sector to improve security.
maxosx is offline   2 Reply With Quote
Old Feb 19, 2013, 06:09 PM   #4
komodrone
Banned
 
Join Date: Apr 2011
site is still infected? I remember back in 2010 when Google warned me the site is infected.
komodrone is offline   1 Reply With Quote
Old Feb 19, 2013, 06:10 PM   #5
HiRez
macrumors 601
 
HiRez's Avatar
 
Join Date: Jan 2004
Location: Western US
I have an account at that site, I hope I haven't been hacked. That's scary. I installed the update and didn't get a notification, hopefully it's OK. Does that apply to Java 10.6 running on Lion 10.7 also?
__________________
Go outside, the graphics are amazing!
HiRez is offline   0 Reply With Quote
Old Feb 19, 2013, 06:13 PM   #6
Peace
macrumors P6
 
Peace's Avatar
 
Join Date: Apr 2005
Location: Space--The ONLY Frontier
Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

Is that site a place for jailbreakers ?
Peace is offline   1 Reply With Quote
Old Feb 19, 2013, 06:15 PM   #7
Kashsystems
macrumors 6502
 
Join Date: Jul 2012
Quote:
Originally Posted by Peace View Post
Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

Is that site a place for jailbreakers ?
No it is a site where ios developer discuss code, questions about business, and look for developers to work with.
Kashsystems is offline   8 Reply With Quote
Old Feb 19, 2013, 06:16 PM   #8
technowar
macrumors 6502
 
Join Date: Apr 2011
Location: Cebu, Philippines
The site's on maintenance mode.
__________________
Trigger Happy
technowar is offline   0 Reply With Quote
Old Feb 19, 2013, 06:16 PM   #9
ratfink
macrumors member
 
Join Date: Feb 2012
Several times over the last few years I remember searching for a development issue and seeing this site near the top but with a malware warning. It would seemingly fluctuate day-to-day or even hour-to-hour.
ratfink is offline   1 Reply With Quote
Old Feb 19, 2013, 06:18 PM   #10
Peace
macrumors P6
 
Peace's Avatar
 
Join Date: Apr 2005
Location: Space--The ONLY Frontier
Quote:
Originally Posted by Kashsystems View Post
No it is a site where ios developer discuss code, questions about business, and look for developers to work with.
In other words a 3rd. party place that serves the same function as the iPhone Dev discussions.
Peace is offline   1 Reply With Quote
Old Feb 19, 2013, 06:24 PM   #11
fins831
macrumors 6502a
 
Join Date: Oct 2011
Call me crazy, but this along with the chinese 'supposed' hackings, all while the government is getting ready to make another cyber legislation push....this is all TOO PERFECT.

the timing of everything is so suspect. Maybe I am trying to read between the lines but if they want to take away our rights on the internet, the first thing they have to do is scare us enough to allow us to waive them, raise the white flag.
__________________
iPhone 6 Silver 64 gig
2012 MacBook Pro 16 Gig 256 SSD
iPad 3
fins831 is offline   18 Reply With Quote
Old Feb 19, 2013, 06:24 PM   #12
arn
macrumors god
 
arn's Avatar
 
Join Date: Apr 2001
Send a message via AIM to arn
Quote:
Originally Posted by Peace View Post
In other words a 3rd. party place that serves the same function as the iPhone Dev discussions.
Sure but then this is a forum that serves the same functions as apple support forums
arn is offline   8 Reply With Quote
Old Feb 19, 2013, 06:26 PM   #13
Renzatic
macrumors 604
 
Renzatic's Avatar
 
Join Date: Aug 2011
Location: HEY!
Quote:
Originally Posted by fins831 View Post
snip
If that's true, how is this any worse than all the other millions of hacks, keyloggers, virii, and malware exploits we've been facing down for the past 20 odd years?
Renzatic is online now   1 Reply With Quote
Old Feb 19, 2013, 06:26 PM   #14
nagromme
macrumors G5
 
nagromme's Avatar
 
Join Date: May 2002
Just visited the site and nothing happened to me.

Long live President Hu Jintao!
nagromme is offline   10 Reply With Quote
Old Feb 19, 2013, 06:30 PM   #15
samcraig
macrumors G5
 
Join Date: Jun 2009
Ohhhhhhh the ironyyyyyy
samcraig is online now   0 Reply With Quote
Old Feb 19, 2013, 06:31 PM   #16
Fatalbert
Banned
 
Join Date: Feb 2013
1. Apple, ban Java from your employees' computers that need to be secure.

2. I'd pay extra for an ISP that has severed all connections to China. Really, just ban them from the Internet. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).

Last edited by Fatalbert; Feb 19, 2013 at 07:22 PM.
Fatalbert is offline   4 Reply With Quote
Old Feb 19, 2013, 06:32 PM   #17
sparkso
macrumors member
 
Join Date: Dec 2009
What were the impact of the hackings though? What did the hackers do to those employees computers?
sparkso is offline   0 Reply With Quote
Old Feb 19, 2013, 06:33 PM   #18
Tankmaze
macrumors 65816
 
Tankmaze's Avatar
 
Join Date: Mar 2012
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
__________________
Check out our game Tank Maze
Tankmaze is offline   0 Reply With Quote
Old Feb 19, 2013, 06:37 PM   #19
Peace
macrumors P6
 
Peace's Avatar
 
Join Date: Apr 2005
Location: Space--The ONLY Frontier
Quote:
Originally Posted by arn View Post
Sure but then this is a forum that serves the same functions as apple support forums
Oh. I agree. I was commenting on the state of relationships between Apple and developers.

It's sad that developers have to go to a 3rd party website for collaboration instead of Apple's official Dev portal.

[edit]

I might add this is going to cause some bad blood between Apple and the devs that go to the other website. Perhaps it will shake things up a bit.

[/edit]
Peace is offline   1 Reply With Quote
Old Feb 19, 2013, 06:40 PM   #20
TouchMint.com
macrumors 65816
 
TouchMint.com's Avatar
 
Join Date: May 2012
Location: Phoenix
Quote:
Originally Posted by Tankmaze View Post
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
I visit this site daily its too bad this crap keeps happening. My work is going to be pissed if they have to wipe my machine again.

Last time it went down macrumors created a business sub forum but people dont use it much here maybe that will change now.

----------

On a side note its really suprising apple empolyees visit that site and we all thought they didnt care about devs...
__________________
TouchMint.com iOS App Site
Adventure To Fate iOS RPG Game Site
Indie iOS Game: Adventure To Fate : A Quest To The Core JRPG

TouchMint.com is offline   0 Reply With Quote
Old Feb 19, 2013, 06:52 PM   #21
Ryth
macrumors 65816
 
Join Date: Apr 2011
I will not have networked computers aboard this ship

- Adama


Words of wisdom folks.
Ryth is offline   3 Reply With Quote
Old Feb 19, 2013, 06:58 PM   #22
coolfactor
macrumors 68000
 
Join Date: Jul 2002
Location: Vancouver, BC CANADA
Quote:
Originally Posted by Tankmaze View Post
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
This is an example of the prevalence of cheap hosting and open web frameworks. Overconfidence by do-it-yourself website creators that think that they've got it good, but fail to take all of the proper measures to secure their sites.
coolfactor is offline   0 Reply With Quote
Old Feb 19, 2013, 07:05 PM   #23
ArtOfWarfare
macrumors 603
 
ArtOfWarfare's Avatar
 
Join Date: Nov 2007
Send a message via Skype™ to ArtOfWarfare
Quote:
Originally Posted by komodrone View Post
site is still infected? I remember back in 2010 when Google warned me the site is infected.
Google has warned me about it every few months.
ArtOfWarfare is offline   0 Reply With Quote
Old Feb 19, 2013, 07:06 PM   #24
macsrcool1234
macrumors 6502a
 
Join Date: Oct 2010
Quote:
Originally Posted by Fatalbert View Post
1. Apple, ban Java from your employees' computers that need to be secure.

2. I'd pay extra for an ISP that has severed all connections to China. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).

Couldn't agree more. After banning all ips originating from that area, our hacking attempts were reduced by more than 50%.

As far as the internet is concerned, nothing good comes out of China.
macsrcool1234 is offline   2 Reply With Quote
Old Feb 19, 2013, 07:19 PM   #25
koban4max
Banned
 
Join Date: Aug 2011
I guess mac become so insecure.....
koban4max is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Commemorative Posters at Apple Campus List All Former and Current Apple Employees MacRumors MacRumors.com News Discussion 114 Dec 2, 2014 05:06 AM
Tim Cook to Apple Employees in New Video: 'At Apple, We Do the Right Thing' MacRumors MacRumors.com News Discussion 173 Jul 14, 2014 03:56 PM
Apple CEO Tim Cook Joins Twitter, First Tweet About Visiting Palo Alto Apple Retail Stores MacRumors MacRumors.com News Discussion 134 Sep 22, 2013 02:35 AM
iPhoneDevSDK Details What Led to Apple, Facebook Hacking MacRumors MacRumors.com News Discussion 37 Feb 22, 2013 12:57 AM
iPhoneDevSDK gone? KarlJay App Store Business, Legal and Marketıng 51 Jul 19, 2012 06:48 AM

Forum Jump

All times are GMT -5. The time now is 04:56 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC