Apple victim of malware attack

The company said it has found no evidence that the attackers stole any data
  • Agam Shah (IDG News Service)
  • — 19 February, 2013 20:08

Apple on Tuesday said it was a victim of a malware attack. A small number of systems inside the company were compromised.

The malware attack was tied to a vulnerability in a Java plug-in for browsers, Apple said in a statement sent via email.

"There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware," the statement reads.

Apple isolated the infected systems from its network.

The malware reached Apple computers through a website for software developers. The same malware is also tied to recent malware attacks against Facebook.

Apple is releasing a tool that scans Macs and removes the Java malware. Oracle has also released an update to Java that fixes the vulnerability.

Security concerns prompted Apple to stop adding Java to the operating system by default starting with Mac OS X Lion. However, users can install it independently. If Java is installed, it is automatically disabled after 35 days if not used.

Agam Shah covers PCs, tablets, servers, chips and semiconductors for IDG News Service. Follow Agam on Twitter at @agamsh. Agam's e-mail address is agam_shah@idg.com

Tags: Apple, security

Aussie drug prescriptions sit pretty for health fraud

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.