Apple was the target of another hacking attack, the company announced earlier today. Apparently, according to one report the attack was very similar to the one launched against Facebook. Apple said a small number of employee-owned Mac computers were breached, adding that the company is working with law enforcement agencies on the problem. And just like in the other situations, it appears no data was stolen. The company said that there is no evidence that any data left Apple.
In a statement to All Things D, Apple confirmed that the attackers used the same zero-day Java vulnerability as discovered in other attacks to gain unauthorized access to the computers:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Apple also provided an additional statement to The Loop:
Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.