{"id":3472,"date":"2013-02-21T20:10:15","date_gmt":"2013-02-21T20:10:15","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3472"},"modified":"2015-09-09T19:36:55","modified_gmt":"2015-09-09T11:36:55","slug":"apple-facebook-hundreds-more-hacked-by-0-day-java-exploit","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2013\/02\/apple-facebook-hundreds-more-hacked-by-0-day-java-exploit\/","title":{"rendered":"Apple, Facebook &#038; Hundreds More Hacked By 0-Day Java Exploit"},"content":{"rendered":"<p>There&#8217;s an awful lot of high profile hacks going on lately, with some people linking them to the Chinese and a large-scale attack on Western companies. Before this, <a href=\"https:\/\/www.darknet.org.uk\/2013\/02\/twitter-breach-leaks-250000-user-e-mails-passwords\/\">Twitter Breach Leaks 250,000 User E-mails &#038; Passwords<\/a> &#8211; was probably the most high profile case.<\/p>\n<p>Now <a href=\"https:\/\/www.darknet.org.uk\/category\/apple-hacking\/\">Apple<\/a>, <a href=\"https:\/\/www.darknet.org.uk\/tag\/facebook\/\">Facebook<\/a> and quite possibly hundreds of other companies have been hit by a drive by browser exploit in Java on the Mac OSX platform.<\/p>\n<p>Apple has already issued an update for this vulnerability and also a malware scanner which will detect common variations of the infection.<\/p>\n<blockquote><p>Apple, Facebook and &#8220;hundreds of other companies&#8221; have had their Mac computers hacked in a sophisticated campaign mounted by an unknown adversary.<\/p>\n<p>Attackers were able to infect Apple, along with other businesses around the world with Mac malware delivered via a Java zero-day vulnerability, Reuters reported on Tuesday, after receiving information from a source at Apple.<\/p>\n<p>The hack used the same Java zero-day and associated Mac malware as the one which Facebook disclosed last week, the Apple source indicated.<\/p>\n<p>Hundreds of companies, including defense contractors, have been infected with the same malicious software, the source said.<\/p>\n<p>&#8220;This is the first really big attack on Macs,&#8221; Reuters&#8217;s source said, &#8220;Apple has more on its hands than the attack on itself.&#8221;<\/p>\n<p>Apple plans to release a software tool to detect and remove the Java-related malware, the company said in a statement to AllThingsD. Java has not shipped with Macs since the release of OS X Lion.<\/p><\/blockquote>\n<p>The whole Chinese hacker thing is a bit of a media frenzy though, as you&#8217;d know if you&#8217;ve been reading this site for a while &#8211; these attacks have been going for a while.<\/p>\n<p>Mandiant is not helping the situation either with their 60 page report on Chinese hacking on American companies &#8211; <a href=\"http:\/\/www.networkworld.com\/news\/2013\/022113-mandiant-gains-instant-fame-after-266904.html?source=nww_rss\">Mandiant gains instant fame after Chinese hack report<\/a>.<\/p>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<blockquote><p>The Mac malware could have been used to deliver a backdoor onto the computers via the installation of an SSH Daemon, allowing hackers to remotely control parts of the affected system, Finnish virus experts F-Secure indicated in a blog post on Monday.<\/p>\n<p>At the time, they classed the Facebook hack as a &#8220;watering hole&#8221; attack, which sought to target Facebook users by infecting the company behind the social network.<\/p>\n<p>With the revelations from Apple, it appears the attack could have been part of a widespread hacking campaign against various companies including Facebook and <a href=\"https:\/\/www.darknet.org.uk\/2013\/02\/twitter-breach-leaks-250000-user-e-mails-passwords\/\">Twitter<\/a> as well.<\/p>\n<p>At the time of writing Google had not responded to queries about whether it had also been targeted, and Microsoft declined to comment.<\/p>\n<p>The news comes alongside the release of a report on Tuesday that linked the Chinese People&#8217;s Liberation Army to hackers that have been mounting a &#8220;Cold War&#8221; style campaign against Western companies.<\/p>\n<p>The report implicated the PLA in a variety of major hacking campaigns that have occurred over the past few years, including 2011&#8217;s <a href=\"https:\/\/www.darknet.org.uk\/2011\/06\/rsa-finally-admits-40-million-securid-tokens-have-been-compromised\/\">RSA hack that compromised SecurID encryption tokens<\/a>.<\/p><\/blockquote>\n<p>The US administration have also added some fuel to the fire with a 141 page PDF strategy &#8211; <a href=\"http:\/\/www.theregister.co.uk\/2013\/02\/21\/us_revamped_cyber_strategy\/\">Obama&#8217;s new cyber-security tactics finger corrupt staff, China.<\/a><\/p>\n<p>It goes without saying, but if you&#8217;re running a Mac, make sure you apply the latest patches from Apple.<\/p>\n<p>Source: <a href=\"http:\/\/www.theregister.co.uk\/2013\/02\/19\/apple_hacked\/\">The Register<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There&#8217;s an awful lot of high profile hacks going on lately, with some people linking them to the Chinese and a large-scale attack on Western companies. Before this, Twitter Breach Leaks 250,000 User E-mails &#038; Passwords &#8211; was probably the most high profile case. Now Apple, Facebook and quite possibly hundreds of other companies have [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[18,10],"tags":[103,3139,1160,5082,279,2509,102,6679],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3472"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=3472"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3472\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=3472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=3472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=3472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}