Apple, Facebook and Twitter Hackers Based in Eastern Europe


By David Gilbert | February 21, 2013 2:53 AM EST

According to officials investigating the high-profile hacks of Apple, Facebook and Twitter, the cyber criminals behind the attacks are based in eastern Europe or Russia.

The past two weeks have seen a spate of revelations by companies such as Twitter, Facebook and most recently Apple about their internal systems being compromised.

It was revealed by Facebook that the attack vector was a mobile developer website which has now been identified as iphonedevsdk.com. The criminals behind the "sophisticated attack" used a Java exploit to silently download malware onto computers running Apple's Mac OS X software.

Rather than trying to breach each company individually, criminals in this so-called "watering hole attack" plant malware on a website that is likely to be visited by a large number of the companies they are attempting to attack.

According to sources speaking to Bloomberg, at least 40 companies have been affected by this malware attack, with the cyber-criminals looking to gather sensitive corporate data to sell on the black market.

According to sources familiar with investigations by the FBI and the Secret Service in the US, investigators suspect the hackers are "a criminal group based in Russia or Eastern Europe, and [they] have tracked at least one server being used by the group to a hosting company in the Ukraine."

Revealed

It was revealed by AllThingsD earlier this week that the website hosting the malware was iPhonedevsdk.com, but today Ian Sefferman, an administrator with the site, said:

"We had no knowledge of this breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach."

Sefferman said that, as the site was the "most widely read dedicated iOS developer forum", it was regularly a target for attacks and that security was a top priority.

According to Sefferman, a single administrator account was compromised and the hackers used the account to modify the website's theme and inject JavaScript into the site. "That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user's computers."

Cyber-attacks like this targeting Apple computers are rare, as the vast majority of PCs in use around the world run Windows software, which is what the vast majority of malware targets.

However, as Sean Sullivan, security advisor with F-Secure, points out, in the rarefied world of Silicon Valley developers the percentage of Macs in use is much higher. In fact, Sullivan estimates that the make-up is reversed, with close to 85 percent of developers using Apple computers in their day-to-day work.

"As such, there is relatively high motivation for bad guys to develop 'sophisticated' attacks that incorporate Mac-based payloads. Folks who use their Macs for work should not have the same sense of security as home users," Sullivan says.

Sullivan had previously warned that the Facebook attacks indicated a much larger danger for mobile app developers who don't have the security resources of the likes of Apple, Facebook and Twitter.

This article is copyrighted by IBTimes.co.uk, the business news leader
