Hackers Who Attacked Twitter, Facebook, Apple May Have 'Hundreds' More Victims

The hackers who attacked Twitter, Facebook and Apple employees likely claimed many more victims, an expert said Wednesday.

But exactly how many remains unknown. One security expert told The Huffington Post that "hundreds" of tech start-ups may have been compromised, but have not come forward for fear of negative publicity.

Apple said Tuesday its employees' computers were hacked. The disclosure came days after Facebook and Twitter also publicly acknowledged they were hacked in a similar attack that spread when employees visited an infected website popular among iPhone app developers. All three companies said no user data was taken.

The website that caused the hacks was identified as iPhoneDevSDK.

In an interview Wednesday, the website's owner, Ian Sefferman, said he was never contacted by Facebook or investigators looking into the attacks and only learned the site hosted malicious software, known as malware, when he was notified Tuesday by a reporter at the tech blog AllThingsD.

Sefferman said multiple other sites on the Internet also hosted the malware, though he did not provide details on which sites.

"Multiple sites have this malware," he told The Huffington Post. "We were just one of them."

He said his website was targeted by hackers who gained access to an administrator's account, then injected malicious software into the site's code that would infect site visitors. He said his site is targeted by hackers "frequently."

His site, which has about 200,000 registered users, is "the most widely read dedicated iOS developer forum," he said. Most visitors are software developers who discuss technical issues around building apps for the iPhone and iPad.

Not everyone who visited his site was hacked. His own computer, for example, was not infected, he said.

Sefferman said the hacker appeared to remove the malware from the site on Jan. 30. But on Wednesday, the site had not been taken down and experts warned users not to visit it because it may still infect their computers.

Sean Sullivan, a security adviser at Finland-based security firm F-Secure, estimated that "hundreds" of app developers at tech start-ups have been compromised by the attack but haven’t come forward publicly because their employers can't afford the negative publicity. A person briefed on the investigation also told Reuters Tuesday that hundreds of companies, including defense contractors, were infected with the same malware that hacked Apple and Facebook employees.

Some may not even know they are victims. Facebook Chief Security Officer Joe Sullivan told the blog Ars Technica last week that some companies were unaware they had been hacked before being notified by Facebook.

Sean Sullivan said that software developers are the "new low-hanging fruit" for hackers because they have access to tech companies' source code, which can be used to write new malware, known as "zero days," for future attacks.

The hackers behind the attacks appeared to be from Eastern Europe or Russia, and were trying to hack developers to steal company secrets and sell them on the underground market, according to Bloomberg.

"There's a very big, dark market for vulnerabilities and getting source code," Sean Sullivan told The Huffington Post. "If you can get the source code, that’s the mother lode."

Apple and Facebook employees were victims of what security experts call a “watering hole” attack because they were lured to the source of the malware like animals stopping for a drink of water. In essence, the hackers created a booby-trapped website that downloaded malware on their computers when they visited the site, creating a "backdoor" into a company's computer network.

Investigators were still trying to determine what the hackers did once they got inside.

"The backdoor gave them access, but it's what they did with that access that is the question," a person familiar with the investigation told The Huffington Post.

Such an attack is different than targeting employees at specific companies, and tricking them into clicking a bad link or email attachment to gain a foothold into their corporate network. That method, known as "spear phishing," is commonly employed by Chinese hackers looking to steal intellectual property, experts say.

In the Apple, Twitter and Facebook attacks, the hackers knew they would ensnare software developers, but could not have known which companies would be compromised in advance.

Sullivan, of F-Secure, wondered how many others were also hacked.

"Just how many other mobile application developers took a drink from the watering hole that nailed Twitter & Facebook?" he wrote on the company's blog.

Comments
48
Pending Comments
0
View FAQ

Post Comment Preview Comment

To reply to a Comment: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to.

Share your Comment:

Post to Facebook.

Post to Blogger.

Post to Twitter.

Post to WordPress.

Post to TypePad.

Post to Tumblr.

View All

Favorites

Recency |

Popularity

Page: 1 2 Next › Last » (2 total)

Anonymous Conservative

Do you even lift?

350 Fans

2 hours ago ( 2:23 PM)

Why would they attack Apple? The Chinese LOVE Apple.

Permalink | Share it

This user has chosen to opt out of the Badges program

whitcombc

341 Fans

5 hours ago (10:59 AM)

Finally the terminology begins to be correct - attacks rather than hacks. Facebook was hacked. The FED was hacked. Banks and credit card companies as well as Burger King were hacked. Apple was attacked - unsuccessfully. Attempted hack? Understand - just as a Bank Robbery requires removing money from the bank. If I stand at the door with the intent of robbing the bank, I didn't rob anything. If the Attempt to Hack Apple resulted in Apple finding hackers at the door, it ain't hacking anymore than when my kid sees my screen from across the room. Want to know the greatest hacking methodology ever created? THe backdoors which have existed in Microsoft's Operating Systems since DOS 6 and Windows 3. And then there is the unbelievable creation of Documents which contain applications embedded in them (macros) creating nice little pockets for mediocre programmers and hackers a ready made spot to exploit. Want to kill off hacking? 1) ask anonymous to kill off the building in China... they are ruining things for everyone. 2) Replace every government server with Apple Servers and OS X. At Pwn2Own 2012, Chrome was successfully exploited for the first time. Internet Explorer 9 on Windows 7 was successfully exploited next. Firefox was the third browser to be hacked using a zero day exploit. Safari on Mac OS X Lion was the only browser left standing at the conclusion of the zero day portion of Pwn2Own.

HUFFPOST SUPER USER

pepper1311

POGS are dirt

476 Fans

6 hours ago (10:04 AM)

As I was the counter go up not 16 companies and three social networks tracking me. It says they are blocked but are they really? So worry about China, not now.

ITGabs

111 Fans

13 hours ago ( 2:59 AM)

What about a lawsuit to Java-Oracle for such a poor security products ( as ever )

ceez

Your micro-bio is empty

336 Fans

16 hours ago (11:52 PM)

So how does one find out if this type malware is installed on their computers? If it bypassed their security software when they visited he website and here was no warning popup then who rang the alarm?

2 hours ago ( 2:25 PM)

Some programmers are paranoid. Very, very paranoid. Some run extra, custom built anti-virus software, which would be how they found the malware.

Guys POV

I'm just here for the sideboob

121 Fans

16 hours ago (11:45 PM)

Yet more fear-mongering ahead of the government's push to further control and regulate the Internet. I'm quaking in my boots.

nnoway

Demand and buy Made In the USA.

115 Fans

16 hours ago (11:43 PM)

Is your FIREWALL "Made in CHINA"?

Figure it out.

16 hours ago (11:53 PM)

I say the same exact thing.....as long as they make the hardware and software programming over there, then there will always be a backdoor.

6 hours ago (10:20 AM)

Few extra lines of code in that IPhone, etc and they own you.

5 hours ago (11:06 AM)

Your Firewall and your OS are probably made in Redmond WA. That means it is swiss cheese and easy to exploit. With all the Paid anti apple PR, it might be interesting to know that Apple was NOT hacked - it was unsuccessfully attacked - an attempted hack. Happens all the time. Same with Viruses. over a MILLION for windows machines and around 100 for Macs. If the reason was the standard BS - that Apple is less numerous still should be around 300,000 viruses for Macs. Note also that most - 90 or so - of "Mac Viruses" are actually viruses which only strike Microsoft applications on the Mac - like Office, Outlook, and "cross platform applications which are poorly ported to Mac from Windows.

1 hour ago ( 2:25 PM)

Apple takes extra precautions against attacks. Microsoft doesn't.

Josilton Rocha

4 Fans

18 hours ago ( 9:54 PM)

Did I misunderstand this or this article has a link to the site that is known too still be infected?

"But on Wednesday, the site had not been taken down and experts warned users not to visit it because it may still infect their computers."

16 hours ago (11:42 PM)

It doesn't have a link to the infected site, just a link to an article about the infected site.

jws2346

655 Fans

19 hours ago ( 9:13 PM)

This kind of reporting makes you think that all the reporter's readers are du mb ar ses. Seeing how hacking is such a secretive endeavor and IT peeps are loath to think someone was smarter than them, it might have been thousands. Heck, Gingrich might go to the Moon in my lifetime too?

breakingpoint

War is a Racket - Smedley Butler

1707 Fans

20 hours ago ( 8:09 PM)

Gates should have made Windows Open Source
he decided to become a slumlord instead

commento

New Year, New Hopes

307 Fans

20 hours ago ( 7:31 PM)

Of course those hackers will not be happy with just a few victims.

JimCT

52 Fans

21 hours ago ( 7:23 PM)

Has WalMart ever been hacked? Just wondering.

amartinn

57 Fans

21 hours ago ( 7:19 PM)

Still no details. How does the code infect a web client? Does it only affect PCs or does it also infect mobile devices. If so, how?

Sounds suspiciously like a boogey-man warning. No actual news just somewhere out there is a web page that's gonna getcha.

The Internet's got two years left. Max. Then the government will either shut it off or cripple it to the point where it won't matter. You've been warned.

1 hour ago ( 2:27 PM)

An associate of mine has been to the booby-trapped website. He emerged just fine. He was on a Mac. Moral of the story, get a Mac and you'll be fine.

Dump Email

44 Fans

21 hours ago ( 7:17 PM)

"MAY" of course they do! anyone using those services is up for grabs, and while most don't have anything to lose, some do... should be a fun 2013!

while apple used to claim to be safer than a pc, the real reason was becasue no one was hacking them, not becasue the software was any better... another apple lie...

Really? That's funny. An associate of mine is employed to find cracks in the Apple security software. He has found ONE.

Mystical-007

Sorry ppl sometimes my halo slips!

932 Fans

21 hours ago ( 6:57 PM)

somebody tried to use my paypal account which thank god they caught onto and froze my account... but I think I know this person who has my old computer.... they have the IP address and will find out soon who it was... don't give away your old computers, destroy it...

jerrrybullfrog

30 Fans

19 hours ago ( 8:46 PM)

Miss Rita, did you get my last post????

19 hours ago ( 8:48 PM)

I answer all the ones I get from you Tim....unless it didn't post for some reason....sorry... How are you doing?? It's so cold here.... I don't feel like going any where but I have to with my kids..