Apple attacked by Chinese hackers, Mac software tool coming to protect consumers

Posted:
in macOS edited January 2014
Apple on Tuesday disclosed that it was hacked by the same group that targeted social networking site Facebook, and also announced that an incoming software update for OS X will protect consumers from the same type of vulnerability.

Security


Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.

Apple also revealed that it plans to release a software tool later Tuesday that will protect customers against the same type of software that was used against its employees.

The company also provided a full statement on the matter to The Loop:
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware."
Apple is the latest in a number of companies that have come forward to reveal they were hacked by a group from China. Both The New York Times and The Wall Street Journal also revealed earlier this year that their computers were compromised, and those efforts have been linked to the Chinese army.

The group, which has been identified as "Unit 61398" of the People's Liberation Army, also targeted social networking sites Facebook and Twitter in their efforts. The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai."We identified a small number of systems within Apple that were infected and isolated them from our network," Apple said in a statement

Facebook, in particular, was compromised through a Java exploit that was used to install malware on the company's systems. The attack was detected when Facebook officials noticed a suspicious domain listed in its system request logs.

Also known by the name "Comment Crew," the China-based hacking operation is also said to have gone after companies involved in America's critical infrastructure, such as power, gas and water. The "Crew" has also attacked iconic brands like Coca-Cola.

Chinese officials, however, have denied that their government engages in computer hacking. They have instead suggested that their country is also the victim of such hackers.
«13456

Comments

  • Reply 1 of 103
    Companies need to start hacking the hackers. Just sayin...
  • Reply 2 of 103
    jragostajragosta Posts: 10,473member
    The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai.

    Isn't that what we have drones for?
  • Reply 3 of 103


    The new face of warfare. We will attack you and you have no proof it was us

  • Reply 4 of 103
    apple ][apple ][ Posts: 9,233member

    Quote:

    Originally Posted by jragosta View Post



    Isn't that what we have drones for?


    Yep, we know where the building is located and who is behind the attacks.


     


    I say that we should retaliate big time. And then we can just play dumb and deny any involvement afterwards. When I say we, I mean the US of course.

  • Reply 5 of 103
    muppetrymuppetry Posts: 3,331member

    Quote:

    Originally Posted by jragosta View Post




    Quote:

    Originally Posted by AppleInsider View Post



    The attacks against American corporations are believed to have emanated from a 12-story building located on the outskirts of Shanghai.




    Isn't that what we have drones for?


     


    Imagine their surprise...

  • Reply 6 of 103


    China poking the tiger. When the tiger finally bites their hand they're like "Huh!? What!? Why!?"

  • Reply 7 of 103
    gatorguygatorguy Posts: 23,423member

    Quote:

    Originally Posted by AppleInsider View Post



    Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.


    Then Apple would probably be the only company targeted by the Chinese 61398 group that didn't have anything taken. Not likely IMO.


     


    If you want all the details, this is the report for you.


    https://docs.google.com/viewer?url=http://assets.sbnation.com/assets/2187805/Mandiant_APT1_Report.pdf


     


    An earlier related story.


    http://www.theverge.com/2013/2/18/4003732/chinese-cyber-attacks-on-us-corporations-tied-to-army-base

  • Reply 8 of 103

    Quote:

    Originally Posted by jragosta View Post





    Isn't that what we have drones for?


    Now that is too funny! Made laugh! :)

  • Reply 9 of 103
    Time to really start dealing with these people. We are too cozy with them. Screw them. We don't need their money or cheap crap. Plenty of countries can take their place. No more business no more money to try to take us down.
  • Reply 10 of 103
    muppetrymuppetry Posts: 3,331member
    gatorguy wrote: »
    Calling it an "unprecedented admission," Apple revealed to Reuters that a sophisticated attack compromised a small number of its employees' Mac laptops. No user information was compromised, and there is no evidence that any information has been stolen.
    Then Apple would probably be the only company targeted by the Chinese 61398 group that didn't have anything taken. Not likely IMO.

    If you want all the details, this is the report for you.
    https://docs.google.com/viewer?url=http://assets.sbnation.com/assets/2187805/Mandiant_APT1_Report.pdf

    An earlier related story.
    http://www.theverge.com/2013/2/18/4003732/chinese-cyber-attacks-on-us-corporations-tied-to-army-base

    It's not clear to me in what way either of those reports support your conclusion. Reasoning?
  • Reply 11 of 103
    "Apple wrote:
    [" url="/t/156065/apple-attacked-by-chinese-hackers-mac-software-tool-coming-to-protect-consumers#post_2280297"]Yep, we know where the building is located and who is behind the attacks.

    I say that we should retaliate big time. And then we can just play dumb and deny any involvement afterwards. When I say we, I mean the US of course.

    We could just say we were hacked.

    But doing my best Jerry Fletcher impersonation and putting on my tin foil hat for a minute...

    Could the Chinese be doing this to basically eventually get a physical threat against them, thus starting a war?
  • Reply 12 of 103


    Originally Posted by AppleInsider View Post



    Facebook, in particular, was compromised through a Java exploit that was used to install malware on the company's systems. 


     


    Surprise!  Time to eradicate Java and its last-century security weaknesses.


    Or, since we're talking about Chinese hackers, maybe "purge" is a better word.

  • Reply 13 of 103
    ...and the media will portray this as a malware attack against all Macs.
  • Reply 14 of 103
    matrix07matrix07 Posts: 1,993member

    Quote:

    Originally Posted by Gatorguy View Post


    Not likely IMO.


     


     



    You have evidences?

  • Reply 15 of 103


    Originally Posted by GadgetCanada View Post

    China poking the tiger. When the tiger finally bites their hand they're like "Huh!? What!? Why!?"


     


    And then they pass a new regulation stating that all tigers have to be in modified enclosures. Sales of tigers in certain parts of the world just stop, since no one wants to redesign their tigers to meet this nonsense requirement. 

  • Reply 16 of 103
    haggarhaggar Posts: 1,568member


    Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.


     


    And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

  • Reply 17 of 103
    gatorguygatorguy Posts: 23,423member

    Quote:

    Originally Posted by matrix07 View Post


    You have evidences?



    That's it's unlikely Apple didn't have any data taken just as the others did? In my opinion yes sir, linked in my previous post. It's being reported that at least 115 companies, most based in the US, have fallen victim with 100's of terabytes taken. These aren't short term attacks according to the report. The New York Times says their cyber-intrusion continued for 4 months before it was discovered. Facebook just became aware of their "Chinese hack" a couple of days ago. 


     


    Both the Facebook and Apple intrusions were reported in the past few days.  It's possibly due to a Presidential order last week allowing US intelligence agencies to share what they know about active cyber-intrusions with private companies.


    http://www.theverge.com/2013/2/12/3982302/president-obama-signs-cybersecurity-order

  • Reply 18 of 103
    jragostajragosta Posts: 10,473member
    haggar wrote: »
    Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.

    And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?

    Nice straw man arguments. No one ever made those claims.
    starbird73 wrote: »
    We could just say we were hacked.

    Great idea. Launch a couple of drones and then send them a message saying "oops. We're terribly sorry, but someone hacked our Defense systems and launched those drones by mistake".
  • Reply 18 of 103
    matrix07matrix07 Posts: 1,993member

    Quote:

    Originally Posted by Gatorguy View Post


    That's it's unlikely Apple didn't have any data taken just as the others did? Yes sir, linked in my previous post.



    Did your link prove that Apple is the company that lies through the teeth like Google? or you actually have evidences that there are datas taken from Apple's computers? or you're just talking out of your.. umm.. behind?


     


    Which one is right?

  • Reply 20 of 103
    apple ][apple ][ Posts: 9,233member

    Quote:

    Originally Posted by Haggar View Post


    Curious that when other companies got hacked, it's because they deserved it, their systems have swiss cheese security, their software sucks, etc. But now that Apple got attacked, it's time to fight back against those hackers.


     


    And where are the comments saying Apple doesn't need to fix anything because if people stopped trying to hack them, there would be no problem?



     


    This isn't just about Apple. The US government should retaliate against China.


     


    And your last comment is just plain dumb.

Sign In or Register to comment.