Skip to Main Content
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

Apple Also Targeted by Hackers, Company Reveals

Apple has made the rare admission that it was the victim of hackers.

By Angela Moscaritolo
February 19, 2013
8 Simple Tips for Mac Security

The list of high-profile tech companies victimized by hackers is growing.  

Just days after Facebook revealed that its systems were "targeted in a sophisticated attack," Apple has now made the rare admission that it too was the victim of hackers. The Cupertino tech giant's computers were attacked by the same online miscreants who targeted Facebook. No data appears to have been stolen in the Apple hack.

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers," Apple said in a statement to PCMag.com. "The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers."

A "small number" of Apple employees' Mac computers were breached, though "there was no evidence that any data left Apple," the company said. Upon discovering the intrusion, Apple isolated the infected computers from its network and began working with law enforcement to find the source of the malware.  

Apple said it will release a software tool on Tuesday to protect Mac users against the malware leveraged by attackers.

"Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days," the company said. "To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."

The attack on Apple employee computers was first reported Tuesday by Reuters.

The news comes after Facebook on Friday said its systems were breached after a handful of employees visited a compromised mobile developer website. The website in question was hosting an exploit that installed malware on the computer of anyone who visited it. The social network said it found no evidence that any user data was compromised by the malware.

Apple and Facebook aren't alone. Earlier this month, Twitter said that it detected "unusual access patterns" on its network, which indicated that attackers might have accessed the user data of approximately 250,000 users.

Meanwhile, security researchers on Tuesday revealed they have traced a prolific group of computer hackers to a government-backed, military building in Shanghai, China. According to a new report from Mandiant, the People's Liberation Army Unit 61398 is located "in precisely the same area" as a section of APT1, an advanced persistent threat group that has stolen hundreds of terabytes of data from at least 141 organizations worldwide.

Update: As promised, Apple on Tuesday released a Java security update to address the flaw. Java for OS X 2013-001 is available in the Software Update section of the Mac App Store. It is also available for download from Apple's website. Apple advised users to quit any Web browsers and Java applications before installing the update.

For more from Angela, follow her on Twitter @amoscaritolo.

Like What You're Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters

TRENDING

About Angela Moscaritolo

Managing Editor, Consumer Electronics

I'm PCMag's managing editor for consumer electronics, overseeing an experienced team of analysts covering smart home, home entertainment, wearables, fitness and health tech, and various other product categories. I have been with PCMag for more than 10 years, and in that time have written more than 6,000 articles and reviews for the site. I previously served as an analyst focused on smart home and wearable devices, and before that I was a reporter covering consumer tech news. I'm also a yoga instructor, and have been actively teaching group and private classes for nearly a decade. 

Prior to joining PCMag, I was a reporter for SC Magazine, focusing on hackers and computer security. I earned a BS in journalism from West Virginia University, and started my career writing for newspapers in New Jersey, Pennsylvania, and West Virginia.

Read Angela's full bio

Read the latest from Angela Moscaritolo