Published February 19, 2013
Continuing a flurry of high-profile cyber disclosures, Apple (AAPL) revealed on Tuesday that some of its Mac systems were infiltrated by hackers, likely from the same group that targeted Facebook (FB) last week.
In a statement, Apple said it has “identified malware” that infected a “limited number” of its Mac systems through a vulnerability in the Java plug-in for Internet browsers. Apple said the malware was used against it and other unnamed companies and was spread through a website used for software developers.
“We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple,” Apple said.
Apple said the malware is the same that was used on Facebook, which on Friday revealed it has been the victim of a "sophisticated" cyber attack due to a Java exploit. Facebook, which found “no evidence” that user data was compromised, said it's clear other companies were attacked and infiltrated as well.
The iPhone and iPad maker said it is working with law enforcement to find the source of the malware.
Apple also said it is releasing an updated Java malware removal tool to check Mac systems and remove the malicious software if found. The company noted that since the release of its OS X Lion, Macs have been shipped without Java installed.
Shares of Cupertino, Calif.-based Apple had little reaction to the news and were recently trading down 0.27% to $458.83.
The Apple news comes amid a rush of disclosures on the cyber front, including high-profile hacks of the Federal Reserve, large U.S. banks like PNC Financial (PNC), The New York Times and The Wall Street Journal.
Security firm Mandiant made a splash on Tuesday by issuing a new report that blamed a Chinese army unit for a large chunk of cyber attacks on U.S. companies and government agencies.
“It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively,” Mandiant said in the report.
Chinese officials pushed back against the accusations, saying cyber attacks are “anonymous and transnational,” adding that the U.S. is the top source of attacks on China.
Last week the White House unveiled an executive order focusing on information-sharing and pushed Congress to pass comprehensive cyber-security legislation.