If you’re like me, you’ve probably been wondering what websites Facebook and Apple employees were surfing prior to the discovery of malware on their company machines.
How else could the rest of us do our best to avoid the same fate? [On that note, do not visit the website I am about to mention as it could still be infected. It is being disclosed as a warning.]
As it turns out, sources close to the Facebook hacking investigation revealed to AllThingsD that iPhoneDevSDK[dot]com, an iPhone developer forum frequented by iOS development teams of well-known companies, was the website likely used to conduct drive-by-download attacks against Facebook and Apple employees.
The malicious code embedded on the iPhoneDevSDK website exploited a zero-day vulnerability within Oracle’s Java browser plugin in order to plant malware on the machines of Facebook (& possibly Apple) employees.
This type of attack is commonly referred to as a “watering hole” attack. Instead of pursuing victims using poisoned emails, attackers inject malicious code into a website frequented by their targeted demographic. In this case, the targeted demographic happened to be the mobile developers for various companies, including Facebook.
That being said, if you or someone you know has recently visited iPhoneDevSDK, you may want to check if Java is installed on your system. If it is, there's a good chance your system has been compromised. Now would be a good time to check out Apple's security patch related to this attack, as they bundled a malware removal tool with it.