Apple, Facebook and Twitter Hackers Based in Eastern Europe
By David Gilbert | February 21, 2013 2:53 AM EST
It was revealed by Facebook that the attack vector was a mobile developer website which has now been identified as iphonedevsdk.com. The criminals behind the "sophisticated attack" used a Java exploit to silently download malware onto computers running Apple's Mac OS X software.
Rather than trying to breach each company individually, in this so-called "watering hole attack" criminals plant malware on a website that is likely to be visited by people at a large number of the companies they are attempting to attack.
According to sources speaking to Bloomberg, at least 40 companies have been affected by this malware attack, with the cyber-criminals looking to gather sensitive corporate data to sell on the black market.
According to sources familiar with investigations by the FBI and the Secret Service in the US, investigators suspect the hackers are "a criminal group based in Russia or Eastern Europe, and [they] have tracked at least one server being used by the group to a hosting company in the Ukraine."
"We had no knowledge of this breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach."
Sefferman said that as the site was the "most widely read dedicated iOS developer forum" it was regularly a target for attacks and that security was a top priority.
Cyber-attacks like this targeting Apple computers are rare, as the vast majority of PCs in use around the world run Windows software, which is what the vast majority of malware takes advantage of.
However, as Sean Sullivan, security advisor with F-Secure, points out, in the rarefied world of Silicon Valley developers, the percentage of Macs in use is much higher. In fact, Sullivan estimates that the make-up is reversed, with close to 85 percent of developers using Apple computers in their day-to-day work.
"As such, there is relatively high motivation for bad guys to develop 'sophisticated' attacks that incorporate Mac-based payloads. Folks who use their Macs for work should not have the same sense of security as home users," Sullivan says.