Apple, Facebook, Twitter attacked using security exploit in Java browser plug-in.
Apple has revealed that it was also the victim of the same hackers that recently attacked Facebook. In a statement to The Loop, Apple has said that hackers infected systems being used by Apple employees with malware using an exploit in the Java plug-in for browsers. Ars Technica reports that the infection originated from the same source in both Facebook and Apple's case- an iPhone developer forum called iphonedevsdk.com (don't visit the site as it may still be infected).
Sources close to Reuters have revealed that the recent Twitter hack was also a part of the same cybercrime campaign. Apple has said that it has shipped a Java malware detection tool for Mac OS X users. Like Facebook, Apple has also claimed that even though the hackers did manage to successfully infect computers within the company, no user data or critical data had been found to be at risk.
This latest revelation by Apple marks a particularly eventful period with respect to cybersecurity and American companies. Facebook recently revealed that it too was attacked by hackers with the exact modus operandi as the Apple hackers. The social networking giant said that after being informed, Oracle (the company behind Java) rushed out a patch that fixed the vulnerability. Earlier this month, Twitter also revealed that hackers had made off with data of 2,50,000 users leading the micro-blogging service to introduce more stringent security measures including a two-step authentication system.
It remains to be seen how Oracle will deal with these numerous security exploits that have popped up in its Java platform. Apple has already been shipping computers without Java for a while and also recently blocked Java entirely from running on its Safari browser until Oracle was forced to release a hasty update.