New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Employees Hacked By Visiting iPhoneDevSDK

As reported by The New York Times, the software development website responsible for seeding malicious software to Mac computers at Apple, Facebook, and presumably Twitter has been revealed by a person who was involved with the investigation at Facebook.

The compromised site, iPhoneDevSDK, is an online forum designed for software developers. The site is still infected, and visiting it is not recommended.

iphonedevsksite
At this time, it is unknown if the site had any involvement in the attacks, though it is likely that it was the work of third party hackers given the site's prominent standing as a dedicated community for iPhone developers.

Apple this morning announced that a small number of its employees' computers had been compromised through the Java plug-in vulnerability, an issue that has now been fixed with the Java update and malware removal tool released by Apple this afternoon.

Mac users can determine whether or not they have been affected by the security flaw by installing the Java update, which will notify a user if malware is found. Apple says that the Java update and malware removal tool will "remove the most common variants of malware."

As noted by The Next Web, iPhoneDevSDK is currently in maintenance mode.

Top Rated Comments

(View all)

21 months ago
Call me crazy, but this along with the chinese 'supposed' hackings, all while the government is getting ready to make another cyber legislation push....this is all TOO PERFECT.

the timing of everything is so suspect. Maybe I am trying to read between the lines but if they want to take away our rights on the internet, the first thing they have to do is scare us enough to allow us to waive them, raise the white flag.
Rating: 18 Votes
21 months ago
Just visited the site and nothing happened to me.

Long live President Hu Jintao!
Rating: 10 Votes
21 months ago

Folks are gonna get ticked at me but man. Had developers used the dev discussion instead of this place there probably wouldn't be this problem.

Is that site a place for jailbreakers ?


No it is a site where ios developer discuss code, questions about business, and look for developers to work with.
Rating: 8 Votes
21 months ago

In other words a 3rd. party place that serves the same function as the iPhone Dev discussions.


Sure but then this is a forum that serves the same functions as apple support forums
Rating: 8 Votes
21 months ago
1. Apple, ban Java from your employees' computers that need to be secure.

2. I'd pay extra for an ISP that has severed all connections to China. Really, just ban them from the Internet. That country is downright nasty. I get connections all the time from it trying to get the admin password from my website, and I've been unsuccessfully brute force attacked over SSH once from China (after that, I changed my SSH port to something non-default). The only good thing about China having advanced tech is that Cables Unlimited can make its probably-illegal HDCP remover to free us from Intel's BS.

This looks really bad for Oracle and Apple, though it's mainly Oracle's fault. I think Apple should release a statement to shove the blame over, which would help with their quest to kill Java (not that I agree with their goals fully).
Rating: 4 Votes
21 months ago
And yet again, Java appears to be the weak point, security wise.

What is WRONG with these people? Does anyone there know how to play this game?
Rating: 3 Votes
21 months ago
I will not have networked computers aboard this ship

- Adama


Words of wisdom folks.
Rating: 3 Votes
21 months ago
The malware warning has always kept me away from that site. Stackoverflow works just fine.
Rating: 3 Votes
21 months ago

Call me crazy, but this along with the chinese 'supposed' hackings, all while the government is getting ready to make another cyber legislation push....this is all TOO PERFECT.

the timing of everything is so suspect. Maybe I am trying to read between the lines but if they want to take away our rights on the internet, the first thing they have to do is scare us enough to allow us to waive them, raise the white flag.


If the Chinese hacks are "supposed" and not real, and the US government is behind a massive hoax, then they got Facebook, Apple, the New York Times and many others to cooperate in the hoax. All for an effect that has nothing to do with taking away privacy, and affects very few users. How would all those parties get together to create such AMAZING technical detail, and why would the bother and then have the threat be so trivial it goes right over most peoples' heads? How would this Chinese hack news derail all the opposition to bad Internet legislation? It wouldn't.

Rule of thumb for conspiracies: if it requires HUGE numbers of people to keep a secret, it's probably just your paranoia.
Rating: 2 Votes
21 months ago

The plural form of "virus" when using Latin declension is "viri", but since you're comparing it to "this", it should be the ablative plural "viribus". Or just say viruses :)


I LOVE IT!!!:D

The Latin Pedant Strikes Again!!:eek:

Is this a classy Forum, or what!!??:D
Rating: 2 Votes

[ Read All Comments ]