{"id":643199,"date":"2013-02-20T13:44:23","date_gmt":"2013-02-20T18:44:23","guid":{"rendered":"http:\/\/gigaom.com\/?p=612258"},"modified":"2013-02-20T13:44:23","modified_gmt":"2013-02-20T18:44:23","slug":"site-used-in-malware-attack-on-apple-facebook-explains-how-it-happened","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/643199","title":{"rendered":"Site used in malware attack on Apple, Facebook explains how it happened"},"content":{"rendered":"<p>The owner of a website that was a conduit used by hackers to breach employee computers at both Facebook and Apple has come forward to explain the events that took place last month. Ian Sefferman, co-founder of the iPhoneDevSDK website, said Wednesday in a blog post that he&#8217;d found evidence that the targeted attack came from an administrator account on his website that was compromised.<\/p>\n<p>Though Sefferman says he believes the site is no longer infected, it&#8217;s safer not to visit the site for now &#8212; hence no link. Here&#8217;s how<a href=\"http:\/\/www.macrumors.com\/2013\/02\/20\/iphonedevsdk-details-what-led-to-apple-facebook-hacking\/\"> MacRumors reported Sefferman&#8217;s statement<\/a>:<\/p>\n<blockquote id=\"quote-what-weve-learned-is\">\n<p>What we&#8217;ve learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user&#8217;s computers.<\/p>\n<p>We&#8217;re still trying to determine the exploit&#8217;s exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.<\/p>\n<\/blockquote>\n<p>He says he doesn&#8217;t believe any his site&#8217;s user data was actually compromised.<\/p>\n<p><a href=\"http:\/\/allthingsd.com\/20130219\/this-is-the-site-likely-responsible-for-the-recent-major-tech-company-hacks\/\">AllThingsD\u00a0<\/a>was the first to report iPhoneDevSDK&#8217;s involvement in the attack.<\/p>\n<p>Both Apple and <a href=\"http:\/\/gigaom.com\/2013\/02\/15\/the-hacker-way-runs-both-directions-facebook-suffers-from-a-malware-attack\/\">Facebook blamed Java<\/a>: each reported recently that some of their employees&#8217; computers were <a href=\"http:\/\/gigaom.com\/2013\/02\/19\/apple-says-some-employee-computers-were-breached-by-hackers\/\">infected by malware<\/a> from a vulnerability in a Java browser plug-in. Apple has since released a software patch for Java for OS X. Both companies say no user data was stolen.<\/p>\n<p> <img loading=\"lazy\" decoding=\"async\" alt=\"\" border=\"0\" src=\"http:\/\/stats.wordpress.com\/b.gif?host=gigaom.com&#038;blog=14960843&#038;%23038;post=612258&#038;%23038;subd=gigaom2&#038;%23038;ref=&#038;%23038;feed=1\" width=\"1\" height=\"1\" \/><\/p>\n<p><a href=\"http:\/\/pubads.g.doubleclick.net\/gampad\/jump?iu=\/1008864\/GigaOM_RSS_300x250&#038;sz=300x250&#038;%23038;c=998421\"><img decoding=\"async\" src=\"http:\/\/pubads.g.doubleclick.net\/gampad\/ad?iu=\/1008864\/GigaOM_RSS_300x250&#038;sz=300x250&#038;%23038;c=998421\" \/><\/a><\/p>\n<p><strong>Related research and analysis from GigaOM Pro:<\/strong><br \/>Subscriber content. <a href=\"http:\/\/pro.gigaom.com\/?utm_source=apple&#038;utm_medium=editorial&#038;utm_campaign=auto3&#038;utm_term=612258+site-used-in-malware-attack-on-apple-facebook-explains-how-it-happened&#038;utm_content=ericaogg\">Sign up for a free trial<\/a>.<\/p>\n<ul>\n<li><a href=\"http:\/\/pro.gigaom.com\/2011\/11\/connected-world-the-consumer-technology-revolution\/?utm_source=apple&#038;utm_medium=editorial&#038;utm_campaign=auto3&#038;utm_term=612258+site-used-in-malware-attack-on-apple-facebook-explains-how-it-happened&#038;utm_content=ericaogg\">Connected world: the consumer technology revolution<\/a><\/li>\n<li><a href=\"http:\/\/pro.gigaom.com\/2012\/12\/connected-consumer-2013-how-2012-laid-the-groundwork-for-change\/?utm_source=apple&#038;utm_medium=editorial&#038;utm_campaign=auto3&#038;utm_term=612258+site-used-in-malware-attack-on-apple-facebook-explains-how-it-happened&#038;utm_content=ericaogg\">How consumer media will change in 2013<\/a><\/li>\n<li><a href=\"http:\/\/pro.gigaom.com\/2012\/10\/the-state-of-cross-platform-measurement-across-tv-online-and-social\/?utm_source=apple&#038;utm_medium=editorial&#038;utm_campaign=auto3&#038;utm_term=612258+site-used-in-malware-attack-on-apple-facebook-explains-how-it-happened&#038;utm_content=ericaogg\">The state of cross-platform media measurement<\/a><\/li>\n<\/ul>\n<p><img width='1' height='1' src='http:\/\/gigaom.feedsportal.com\/c\/34996\/f\/646446\/s\/28c6a392\/mf.gif' border='0'\/><\/p>\n<div class='mf-viral'>\n<table border='0'>\n<tr>\n<td valign='middle'><a href=\"http:\/\/share.feedsportal.com\/viral\/sendEmail.cfm?lang=en&#038;title=Site+used+in+malware+attack+on+Apple%2C+Facebook+explains+how+it+happened&#038;link=http%3A%2F%2Fgigaom.com%2F2013%2F02%2F20%2Fsite-used-in-malware-attack-on-apple-facebook-explains-how-it-happened%2F\" ><img decoding=\"async\" src=\"http:\/\/res3.feedsportal.com\/images\/emailthis2.gif\" border=\"0\" \/><\/a><\/td>\n<td valign='middle'><a href=\"http:\/\/res.feedsportal.com\/viral\/bookmark.cfm?title=Site+used+in+malware+attack+on+Apple%2C+Facebook+explains+how+it+happened&#038;link=http%3A%2F%2Fgigaom.com%2F2013%2F02%2F20%2Fsite-used-in-malware-attack-on-apple-facebook-explains-how-it-happened%2F\" ><img decoding=\"async\" src=\"http:\/\/res3.feedsportal.com\/images\/bookmark.gif\" border=\"0\" \/><\/a><\/td>\n<\/tr>\n<\/table>\n<\/div>\n<p><a href=\"http:\/\/da.feedsportal.com\/r\/158873079051\/u\/49\/f\/646446\/c\/34996\/s\/28c6a392\/a2.htm\"><img decoding=\"async\" src=\"http:\/\/da.feedsportal.com\/r\/158873079051\/u\/49\/f\/646446\/c\/34996\/s\/28c6a392\/a2.img\" border=\"0\"\/><\/a><img loading=\"lazy\" decoding=\"async\" width=\"1\" height=\"1\" src=\"http:\/\/pi.feedsportal.com\/r\/158873079051\/u\/49\/f\/646446\/c\/34996\/s\/28c6a392\/a2t.img\" border=\"0\"\/><\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/OmMalik?a=0r4bHF9qzCk:x7PNUYzDHh0:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/OmMalik?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/OmMalik\/~4\/0r4bHF9qzCk\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The owner of a website that was a conduit used by hackers to breach employee computers at both Facebook and Apple has come forward to explain the events that took place last month. Ian Sefferman, co-founder of the iPhoneDevSDK website, said Wednesday in a blog post that he&#8217;d found evidence that the targeted attack came [&hellip;]<\/p>\n","protected":false},"author":7420,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-643199","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/643199","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/7420"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=643199"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/643199\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=643199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=643199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=643199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}