or Connect
AppleInsider › Forums › Software › Mac OS X › Apple attacked by Chinese hackers, Mac software tool coming to protect consumers
New Posts  All Forums:Forum Nav:

Apple attacked by Chinese hackers, Mac software tool coming to protect consumers

post #1 of 101
Thread Starter 
Apple on Tuesday disclosed that it was hacked by the same group that targeted social networking site Facebook, and also announced that an incoming software update for OS X will protect consumers from the same type of vulnerability.

Security


Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.

Apple also revealed that it plans to release a software tool later Tuesday that will protect customers against the same type of software that was used against its employees.

The company also provided a full statement on the matter to The Loop:

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware."



Apple is the latest in a number of companies that have come forward to reveal they were hacked by a group from China. Both The New York Times and The Wall Street Journal also revealed earlier this year that their computers were compromised, and those efforts have been linked to the Chinese army.

The group, which has been identified as "Unit 61398" of the People's Liberation Army, also targeted social networking sites Facebook and Twitter in their efforts. The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai."We identified a small number of systems within Apple that were infected and isolated them from our network," Apple said in a statement

Facebook, in particular, was compromised through a Java exploit that was used to install malware on the company's systems. The attack was detected when Facebook officials noticed a suspicious domain listed in its system request logs.

Also known by the name "Comment Crew," the China-based hacking operation is also said to have gone after companies involved in America's critical infrastructure, such as power, gas and water. The "Crew" has also attacked iconic brands like Coca-Cola.

Chinese officials, however, have denied that their government engages in computer hacking. They have instead suggested that their country is also the victim of such hackers.
post #2 of 101
Companies need to start hacking the hackers. Just sayin...
post #3 of 101
Quote:
Originally Posted by AppleInsider View Post

The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai.

Isn't that what we have drones for?
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #4 of 101
Quote:
Originally Posted by jragosta View Post

Isn't that what we have drones for?

Yep, we know where the building is located and who is behind the attacks.

 

I say that we should retaliate big time. And then we can just play dumb and deny any involvement afterwards. When I say we, I mean the US of course.

post #5 of 101
Quote:
Originally Posted by jragosta View Post

Quote:
Originally Posted by AppleInsider View Post

The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai.

Isn't that what we have drones for?

 

Imagine their surprise...

post #6 of 101
Quote:
Originally Posted by AppleInsider View Post

Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.

Then Apple would probably be the only company targeted by the Chinese 61398 group that didn't have anything taken. Not likely IMO.

 

If you want all the details, this is the report for you.

https://docs.google.com/viewer?url=http://assets.sbnation.com/assets/2187805/Mandiant_APT1_Report.pdf

 

An earlier related story.

http://www.theverge.com/2013/2/18/4003732/chinese-cyber-attacks-on-us-corporations-tied-to-army-base

melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #7 of 101
Quote:
Originally Posted by jragosta View Post


Isn't that what we have drones for?

Now that is too funny! Made laugh! :)

post #8 of 101
Time to really start dealing with these people. We are too cozy with them. Screw them. We don't need their money or cheap crap. Plenty of countries can take their place. No more business no more money to try to take us down.
post #9 of 101
Quote:
Originally Posted by Gatorguy View Post

Quote:
Originally Posted by AppleInsider View Post

Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.
Then Apple would probably be the only company targeted by the Chinese 61398 group that didn't have anything taken. Not likely IMO.

If you want all the details, this is the report for you.
https://docs.google.com/viewer?url=http://assets.sbnation.com/assets/2187805/Mandiant_APT1_Report.pdf

An earlier related story.
http://www.theverge.com/2013/2/18/4003732/chinese-cyber-attacks-on-us-corporations-tied-to-army-base

It's not clear to me in what way either of those reports support your conclusion. Reasoning?
post #10 of 101
Quote:
Originally Posted by "Apple 
[" url="/t/156065/apple-attacked-by-chinese-hackers-mac-software-tool-coming-to-protect-consumers#post_2280297"]Yep, we know where the building is located and who is behind the attacks.

I say that we should retaliate big time. And then we can just play dumb and deny any involvement afterwards. When I say we, I mean the US of course.

We could just say we were hacked.

But doing my best Jerry Fletcher impersonation and putting on my tin foil hat for a minute...

Could the Chinese be doing this to basically eventually get a physical threat against them, thus starting a war?
post #11 of 101
Originally Posted by AppleInsider View Post

Facebook, in particular, was compromised through a Java exploit that was used to install malware on the company's systems. 

 

Surprise!  Time to eradicate Java and its last-century security weaknesses.

Or, since we're talking about Chinese hackers, maybe "purge" is a better word.

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #12 of 101
...and the media will portray this as a malware attack against all Macs.
post #13 of 101
Quote:
Originally Posted by Gatorguy View Post

Not likely IMO.

 

 

You have evidences?

post #14 of 101
Originally Posted by GadgetCanada View Post
China poking the tiger. When the tiger finally bites their hand they're like "Huh!? What!? Why!?"

 

And then they pass a new regulation stating that all tigers have to be in modified enclosures. Sales of tigers in certain parts of the world just stop, since no one wants to redesign their tigers to meet this nonsense requirement. 

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #15 of 101

Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.

 

And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

post #16 of 101
Quote:
Originally Posted by matrix07 View Post

You have evidences?

That's it's unlikely Apple didn't have any data taken just as the others did? In my opinion yes sir, linked in my previous post. It's being reported that at least 115 companies, most based in the US, have fallen victim with 100's of terabytes taken. These aren't short term attacks according to the report. The New York Times says their cyber-intrusion continued for 4 months before it was discovered. Facebook just became aware of their "Chinese hack" a couple of days ago. 

 

Both the Facebook and Apple intrusions were reported in the past few days.  It's possibly due to a Presidential order last week allowing US intelligence agencies to share what they know about active cyber-intrusions with private companies.

http://www.theverge.com/2013/2/12/3982302/president-obama-signs-cybersecurity-order


Edited by Gatorguy - 2/19/13 at 11:14am
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #17 of 101
Quote:
Originally Posted by Haggar View Post

Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.

And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

Nice straw man arguments. No one ever made those claims.
Quote:
Originally Posted by starbird73 View Post

We could just say we were hacked.

Great idea. Launch a couple of drones and then send them a message saying "oops. We're terribly sorry, but someone hacked our Defense systems and launched those drones by mistake".
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #18 of 101
Quote:
Originally Posted by Gatorguy View Post

That's it's unlikely Apple didn't have any data taken just as the others did? Yes sir, linked in my previous post.

Did your link prove that Apple is the company that lies through the teeth like Google? or you actually have evidences that there are datas taken from Apple's computers? or you're just talking out of your.. umm.. behind?

 

Which one is right?

post #19 of 101
Quote:
Originally Posted by Haggar View Post

Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.

 

And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

 

This isn't just about Apple. The US government should retaliate against China.

 

And your last comment is just plain dumb.

post #20 of 101
They had to admit it so people know it's a JAVA vulnerability and not OS X.
post #21 of 101
Just Blacklist all of their IP Addresses and be done with it....1smoking.gif
post #22 of 101
Quote:
Originally Posted by muppetry View Post


It's not clear to me in what way either of those reports support your conclusion. Reasoning?

 

They don't. That's classic GG: say that your links support your statement ("If you want all the details") and hope no one reads them.

post #23 of 101

I hate having to have Java installed on my Mac for my Adobe products.  Really irks the hell out of me.

I find it interesting that they know the building in China where the attacks are originating from.  Is it possible they are seeing what action the Chinese Government will take?  Methink the hackers in that building are now clearing out and find another hole to do their business from.

post #24 of 101
Quote:
Originally Posted by gcguy View Post

Time to really start dealing with these people. We are too cozy with them. Screw them. We don't need their money or cheap crap. Plenty of countries can take their place. No more business no more money to try to take us down.

Unfortunately, we do need them (China).

Chinese interests control over 90% of the world's resources of rare earth elements.
post #25 of 101
Apple should go Thermonuclear with China
post #26 of 101
Quote:
Originally Posted by Haggar View Post

Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.

 

And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

 

Read the article, it's another Java vulnerability, therefore if you don't have Java, OSX isn't vulnerable.

 

Java = Oracle, unacknowledged forks (Dalvik) = Google.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #27 of 101
Quote:
Originally Posted by usbp456 View Post

Apple should go Thermonuclear with China

It's not Apple that would. This is an attack on US national security, and luckily for us, the US has plenty of nukes.

 

You can't trust any commie nation, and they had better watch out.


Edited by Apple ][ - 2/19/13 at 11:25am
post #28 of 101
Quote:
Originally Posted by matrix07 View Post

Did your link prove that Apple is the company that lies through the teeth like Google? or you actually have evidences that there are datas taken from Apple's computers? or you're just talking out of your.. umm.. behind?

 

Which one is right?

1confused.gif Where did that come from? I never claimed Apple was lying. I said IMO it was unlikely that nothing was taken. Even Apple doesn't say that, only that they aren't aware of anything. 

 

The reason for the Chinese hacking was to steal IP and other company data. I doubt it was just to pay a visit to Apple to show it could be done.

melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #29 of 101

Its all about spy-games.

 

Foreign government spies on US, US spies on foreign government.

 

They hack, we hack.

 

It's about getting leverages on certain things, and compromising on others.

post #30 of 101
Quote:
Originally Posted by Gatorguy View Post

Quote:
Originally Posted by matrix07 View Post

Did your link prove that Apple is the company that lies through the teeth like Google? or you actually have evidences that there are datas taken from Apple's computers? or you're just talking out of your.. umm.. behind?

 

Which one is right?

1confused.gif Where did that come from? I never claimed Apple was lying. I said IMO it was unlikely that nothing was taken. Even Apple doesn't say that, only that they aren't aware of anything. 

 

The reason for the Chinese hacking was to steal IP and other company data. I doubt it was just to pay a visit to Apple to show it could be done.

 

But it is also possible that their attempt to steal information failed, either because they were detected early enough, or because the machines that they accessed did not contain useful data. I see nothing yet that rules out those possibilities.

post #31 of 101
Quote:
Originally Posted by "Apple 
[" url="/t/156065/apple-attacked-by-chinese-hackers-mac-software-tool-coming-to-protect-consumers#post_2280373"]It's not Apple that would. This is an attack on US national security, and luckily for us, the US has plenty of nukes.

You can't trust any commie nation, and they had better watch out.


I doubt that the US will use nukes 1smile.gif
post #32 of 101
So we have US CYBER COMMAND for what? Just to watch and see what happens? I know they are the military and Apple is civilian but they should still get involved
post #33 of 101
And why does one need Java activated again?
iMac Intel 27" Core i7 3.4, 16GB RAM, 120GB SSD + 1TB HD + 4TB RAID 1+0, Nuforce Icon HDP, OS X 10.9.1; iPad Air 64GB; iPhone 5 32GB; iPod Classic; iPod Nano 4G; Apple TV 2.
Reply
iMac Intel 27" Core i7 3.4, 16GB RAM, 120GB SSD + 1TB HD + 4TB RAID 1+0, Nuforce Icon HDP, OS X 10.9.1; iPad Air 64GB; iPhone 5 32GB; iPod Classic; iPod Nano 4G; Apple TV 2.
Reply
post #34 of 101
Quote:
Originally Posted by usbp456 View Post


I doubt that the US will use nukes 1smile.gif

Not now of course.

 

But who knows what will happen in the future, in maybe a decade or two from now?

 

Any communist government is a criminal enterprise, as far as I'm concerned, and eventually down the road, they might be looking for a real fight.

post #35 of 101
Quote:
Originally Posted by "Apple 
[" url="/t/156065/apple-attacked-by-chinese-hackers-mac-software-tool-coming-to-protect-consumers#post_2280297"]Yep, we know where the building is located and who is behind the attacks.

I say that we should retaliate big time. And then we can just play dumb and deny any involvement afterwards. When I say we, I mean the US of course.

Retaliate? Do u seriously believe most governments are not doing the same thing?
post #36 of 101

If Apple, and other American companies, pledged to start moving business to other countries China would crack down on this crap pretty fast. Money talks.

 

-kpluck

Do you use MagicJack?

The default settings will automatically charge your credit card each year for service renewal. You will not be notified or warned in anyway. You can turn auto renewal off.

Reply

Do you use MagicJack?

The default settings will automatically charge your credit card each year for service renewal. You will not be notified or warned in anyway. You can turn auto renewal off.

Reply
post #37 of 101
Quote:
Originally Posted by bleh1234 View Post

Its all about spy-games.

Foreign government spies on US, US spies on foreign government.

They hack, we hack.

It's about getting leverages on certain things, and compromising on others.

Exactly, but you've the order wrong. The US was and is the pioneer in this field.
post #38 of 101

I think Samsung commissioned "Unit 61398" to hack into Apple's account to see just how many iPhones were sold... rather than shipped!

post #39 of 101
Quote:
Originally Posted by kpluck View Post

If Apple, and other American companies, pledged to start moving business to other countries China would crack down on this crap pretty fast. Money talks.

-kpluck

That easy? How long did it take Apple to start reducing its use of Samsung, its greatest competitor? Just who can replace Foxconn? And what about access to the largest market in the world?

Money indeed talks but Apple needs to listeners than china.
post #40 of 101
Dont mind seeing Coca-Cola hacked. The faster they take this multi-conglomerate down the happier I will be, but for Apple and Facebook then all the power to them to take down Unit 61398.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Apple attacked by Chinese hackers, Mac software tool coming to protect consumers