Apple announced today that a number of systems inside the company were infected with malware that made use of a Java vulnerability inside some Web browsers. Just days ago, Facebook made a similar claim; that last month, internal computers had been targeted and infiltrated as a result of a similar vulnerability.
As it turns out, these attacks came as a result of employees using their computers to visit the same website: an iPhone development forum called iPhoneDevSDK. For your safety, we have not linked to the website, and we strongly suggest that you don’t try to find the site or visit it yourself, as doing so could leave your own computer at risk to be infected with the same malware.
The malware went undetected by many anti-virus software packages, and patches for Mac computers were also unable to stop the exploit. Other reports are not suggesting that the iPhoneDevSDK site itself had anything to do with the attacks, and we’re in no position to make such accusations, but the site seemed to be hosting the exploit whether it wanted to or not.
If you’re a frequent visitor of the site, your machine could already be infected, and it might be a good idea to take the necessary steps to cleanse your computer of the malware. If that means doing a system restore or a clean wipe and reinstallation of the operating system, so be it. The inconvenience will be well worth it to protect any sensitive data you have stored, or will transmit to websites online.
In the meantime, we suggest that you hold off on any visits to iPhoneDevSDK until the threat on the site is clearly identified and removed. Apple hosts a large library of iPhone development documents and tutorials, and sites like Stack Overflow are handy for developers who have questions about the iOS SDK.
We’ll keep you up to date on this story as we learn more.
[Source: The Next Web]