Apple Employees Hacked By Visiting iPhoneDevSDK

Discussion in ' News Discussion' started by MacRumors, Feb 19, 2013.

  1. macrumors bot


    Apr 12, 2001

    As reported by The New York Times, the software development website responsible for seeding malicious software to Mac computers at Apple, Facebook, and presumably Twitter has been revealed by a person who was involved with the investigation at Facebook.

    The compromised site, iPhoneDevSDK, is an online forum designed for software developers. The site is still infected, and visiting it is not recommended.

    At this time, it is unknown if the site had any involvement in the attacks, though it is likely that it was the work of third party hackers given the site's prominent standing as a dedicated community for iPhone developers.

    Apple this morning announced that a small number of its employees' computers had been compromised through the Java plug-in vulnerability, an issue that has now been fixed with the Java update and malware removal tool released by Apple this afternoon.

    Mac users can determine whether or not they have been affected by the security flaw by installing the Java update, which will notify a user if malware is found. Apple says that the Java update and malware removal tool will "remove the most common variants of malware."

    As noted by The Next Web, iPhoneDevSDK is currently in maintenance mode.

    Article Link: Apple Employees Hacked By Visiting iPhoneDevSDK
  2. macrumors 68020


    Sep 22, 2009
    Hacked this hacked that... this is turning out well for cyber-security enthusiasts.
  3. macrumors 68020

    Dec 13, 2012
    Southern California
    The amount of breaches no matter the platform is truly getting out of control. It's time for increased focus by all in the tech sector to improve security.
  4. macrumors 6502

    Apr 26, 2011
    site is still infected? I remember back in 2010 when Google warned me the site is infected.
  5. macrumors 601


    Jan 6, 2004
    Western US
    I have an account at that site, I hope I haven't been hacked. That's scary. I installed the update and didn't get a notification, hopefully it's OK. Does that apply to Java 10.6 running on Lion 10.7 also?
  6. macrumors P6


    Apr 1, 2005
    Space--The ONLY Frontier
    Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

    Is that site a place for jailbreakers ?
  7. macrumors 6502

    Jul 23, 2012
    No it is a site where ios developer discuss code, questions about business, and look for developers to work with.
  8. macrumors 6502

    Apr 1, 2011
    Cebu, Philippines
  9. macrumors member

    Feb 11, 2012
    Several times over the last few years I remember searching for a development issue and seeing this site near the top but with a malware warning. It would seemingly fluctuate day-to-day or even hour-to-hour.
  10. macrumors P6


    Apr 1, 2005
    Space--The ONLY Frontier
    In other words a 3rd. party place that serves the same function as the iPhone Dev discussions.
  11. macrumors 6502a

    Oct 7, 2011
    Call me crazy, but this along with the chinese 'supposed' hackings, all while the government is getting ready to make another cyber legislation push....this is all TOO PERFECT.

    the timing of everything is so suspect. Maybe I am trying to read between the lines but if they want to take away our rights on the internet, the first thing they have to do is scare us enough to allow us to waive them, raise the white flag.
  12. arn
    macrumors god


    Staff Member

    Apr 9, 2001
    Sure but then this is a forum that serves the same functions as apple support forums
  13. macrumors G3


    Aug 3, 2011
    It's Never A Good Night To Have A Curse
    If that's true, how is this any worse than all the other millions of hacks, keyloggers, virii, and malware exploits we've been facing down for the past 20 odd years?
  14. macrumors G5


    May 2, 2002
    Just visited the site and nothing happened to me.

    Long live President Hu Jintao!
  15. macrumors Pentium

    Jun 22, 2009
  16. Fatalbert, Feb 19, 2013
    Last edited: Feb 19, 2013

    macrumors 6502

    Feb 6, 2013
    1. Apple, ban Java from your employees' computers that need to be secure.

    2. I'd pay extra for an ISP that has severed all connections to China. Really, just ban them from the Internet. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

    This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).
  17. macrumors member

    Dec 3, 2009
    What were the impact of the hackings though? What did the hackers do to those employees computers?
  18. macrumors 68000


    Mar 7, 2012
    Iphonedevsdk always had trouble in the past. From the malware warning, hacked site (down) and now this.

    Maybe all the members can migrate here. The discussion on that site is gold.
  19. macrumors P6


    Apr 1, 2005
    Space--The ONLY Frontier
    Oh. I agree. I was commenting on the state of relationships between Apple and developers.

    It's sad that developers have to go to a 3rd party website for collaboration instead of Apple's official Dev portal.


    I might add this is going to cause some bad blood between Apple and the devs that go to the other website. Perhaps it will shake things up a bit.

  20. macrumors 65816

    May 25, 2012
    I visit this site daily its too bad this crap keeps happening. My work is going to be pissed if they have to wipe my machine again.

    Last time it went down macrumors created a business sub forum but people dont use it much here maybe that will change now.


    On a side note its really suprising apple empolyees visit that site and we all thought they didnt care about devs... :rolleyes:
  21. macrumors 65816

    Apr 21, 2011
    I will not have networked computers aboard this ship

    - Adama

    Words of wisdom folks.
  22. macrumors 68020

    Jul 29, 2002
    Vancouver, BC CANADA
    This is an example of the prevalence of cheap hosting and open web frameworks. Overconfidence by do-it-yourself website creators that think that they've got it good, but fail to take all of the proper measures to secure their sites.
  23. macrumors 604


    Nov 26, 2007
    Google has warned me about it every few months.
  24. macrumors 6502a

    Oct 7, 2010

    Couldn't agree more. After banning all ips originating from that area, our hacking attempts were reduced by more than 50%.

    As far as the internet is concerned, nothing good comes out of China.
  25. macrumors 68000

    Aug 23, 2011

Share This Page