Malware Attack on Apple (+ Facebook, Twitter etc) From Eastern Europe

[menotu]

By Michael Riley & Adam Satariano - 2013-02-19 - Bloomberg

Malware Attack on Apple Said to Come From Eastern Europe

At least 40 companies including Apple Inc., Facebook Inc. and Twitter Inc. were targeted in malware attacks linked to an Eastern European gang of hackers that is trying steal company secrets, two people familiar with the matter said.

Apple, one of three victims to publicly disclose attacks this month, said some of its internal Mac systems were affected by a malware attack. The hackers used an iPhone-developer website, according to the people familiar with law enforcement efforts, including investigations by the FBI and Secret Service, and didn’t want to be identified because of the probe.

“We identified a small number of systems within Apple that were infected and isolated them from our network,” Cupertino, California-based Apple said yesterday in a statement. “There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.”

The attack is part of the same series of invasions that also led to recently disclosed breaches at Facebook and Twitter, according to investigators working with the companies. Apple was the first to discover the attack, one of the people said.

The hackers appear to be seeking company secrets, research and intellectual property they can sell underground, the people familiar with the matter said. While such attacks have previously been associated with China, sophisticated criminals in other countries have now successfully hacked corporate networks.

Sophisticated Attack

Facebook said last week that it was subjected to a “sophisticated attack” by hackers who took advantage of weaknesses in a mobile-developer website. Apple said its computers were infected in a similar manner, though it didn’t name Facebook or any other affected companies.

Twitter, the microblogging site with more than 200 million active users, said this month that it detected unauthorized attempts to hack into its systems and that attackers may have obtained access to information for about 250,000 people. It said the perpetrators were “extremely sophisticated.”

Full article

[menotu]

If a confirmation has to be done may as well have a quick dig at Apple   
=============================================

22 Feb 2013 - Matt Thomlinson - General Manager - Trustworthy Computing Security

Recent Cyberattacks

As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion.

Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing.

This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries (see our prior analysis of emerging threat trends). We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorized access to our networks.

https://blogs.technet.com/b/msrc/archive/2013/02/22/recent-cyberattacks.aspx?Redirected=true