Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Employees Hacked By Visiting iPhoneDevSDK

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,483
30,719



As reported by The New York Times, the software development website responsible for seeding malicious software to Mac computers at Apple, Facebook, and presumably Twitter has been revealed by a person who was involved with the investigation at Facebook.

The compromised site, iPhoneDevSDK, is an online forum designed for software developers. The site is still infected, and visiting it is not recommended.

iphonedevsksite.jpg
At this time, it is unknown if the site had any involvement in the attacks, though it is likely that it was the work of third party hackers given the site's prominent standing as a dedicated community for iPhone developers.

Apple this morning announced that a small number of its employees' computers had been compromised through the Java plug-in vulnerability, an issue that has now been fixed with the Java update and malware removal tool released by Apple this afternoon.

Mac users can determine whether or not they have been affected by the security flaw by installing the Java update, which will notify a user if malware is found. Apple says that the Java update and malware removal tool will "remove the most common variants of malware."

As noted by The Next Web, iPhoneDevSDK is currently in maintenance mode.

Article Link: Apple Employees Hacked By Visiting iPhoneDevSDK
 
Article Link
https://www.macrumors.com/2013/02/19/apple-employees-hacked-by-visiting-iphonedevsk/
gmanist1000

gmanist1000

macrumors 68030
Sep 22, 2009
2,832
824
Hacked this hacked that... this is turning out well for cyber-security enthusiasts.
 
M

maxosx

macrumors 68020
Dec 13, 2012
2,385
1
Southern California
The amount of breaches no matter the platform is truly getting out of control. It's time for increased focus by all in the tech sector to improve security.
 
K

komodrone

macrumors 6502
Apr 26, 2011
499
0
site is still infected? I remember back in 2010 when Google warned me the site is infected.
 
HiRez

HiRez

macrumors 603
Jan 6, 2004
6,250
2,576
Western US
I have an account at that site, I hope I haven't been hacked. That's scary. I installed the update and didn't get a notification, hopefully it's OK. Does that apply to Java 10.6 running on Lion 10.7 also?
 
Peace

Peace

Cancelled
Apr 1, 2005
19,546
4,556
Space The Only Frontier
Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

Is that site a place for jailbreakers ?
 
K

Kashsystems

macrumors 6502
Jul 23, 2012
358
1
Peace said:
Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

Is that site a place for jailbreakers ?
Click to expand...

No it is a site where ios developer discuss code, questions about business, and look for developers to work with.
 
R

ratfink

macrumors member
Feb 11, 2012
49
0
Several times over the last few years I remember searching for a development issue and seeing this site near the top but with a malware warning. It would seemingly fluctuate day-to-day or even hour-to-hour.
 
F

fins831

macrumors 6502a
Oct 7, 2011
657
0
Call me crazy, but this along with the chinese 'supposed' hackings, all while the government is getting ready to make another cyber legislation push....this is all TOO PERFECT.

the timing of everything is so suspect. Maybe I am trying to read between the lines but if they want to take away our rights on the internet, the first thing they have to do is scare us enough to allow us to waive them, raise the white flag.
 
arn

arn

macrumors god
Staff member
Apr 9, 2001
16,363
5,795
Peace said:
In other words a 3rd. party place that serves the same function as the iPhone Dev discussions.
Click to expand...

Sure but then this is a forum that serves the same functions as apple support forums
 
nagromme

nagromme

macrumors G5
May 2, 2002
12,546
1,196
Just visited the site and nothing happened to me.

Long live President Hu Jintao!
 
F

Fatalbert

macrumors 6502
Feb 6, 2013
398
0
1. Apple, ban Java from your employees' computers that need to be secure.

2. I'd pay extra for an ISP that has severed all connections to China. Really, just ban them from the Internet. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).
 
Last edited:
S

sparkso

macrumors regular
Dec 3, 2009
142
49
What were the impact of the hackings though? What did the hackers do to those employees computers?
 
Tankmaze

Tankmaze

macrumors 68000
Mar 7, 2012
1,707
351
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
 
Peace

Peace

Cancelled
Apr 1, 2005
19,546
4,556
Space The Only Frontier
arn said:
Sure but then this is a forum that serves the same functions as apple support forums
Click to expand...

Oh. I agree. I was commenting on the state of relationships between Apple and developers.

It's sad that developers have to go to a 3rd party website for collaboration instead of Apple's official Dev portal.

[edit]

I might add this is going to cause some bad blood between Apple and the devs that go to the other website. Perhaps it will shake things up a bit.

[/edit]
 
TouchMint.com

TouchMint.com

macrumors 68000
May 25, 2012
1,625
318
Phoenix
Tankmaze said:
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
Click to expand...

I visit this site daily its too bad this crap keeps happening. My work is going to be pissed if they have to wipe my machine again.

Last time it went down macrumors created a business sub forum but people dont use it much here maybe that will change now.

----------

On a side note its really suprising apple empolyees visit that site and we all thought they didnt care about devs... :rolleyes:
 
R

Ryth

macrumors 68000
Apr 21, 2011
1,591
157
I will not have networked computers aboard this ship

- Adama

Words of wisdom folks.
 
C

coolfactor

macrumors 604
Jul 29, 2002
7,040
9,697
Vancouver, BC
Tankmaze said:
Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

Maybe all the members can migrate here. The discussion on that site is gold.
Click to expand...

This is an example of the prevalence of cheap hosting and open web frameworks. Overconfidence by do-it-yourself website creators that think that they've got it good, but fail to take all of the proper measures to secure their sites.
 
M

macsrcool1234

Suspended
Oct 7, 2010
1,551
2,130
Fatalbert said:
1. Apple, ban Java from your employees' computers that need to be secure.

2. I'd pay extra for an ISP that has severed all connections to China. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).
Click to expand...


Couldn't agree more. After banning all ips originating from that area, our hacking attempts were reduced by more than 50%.

As far as the internet is concerned, nothing good comes out of China.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom