An Apple store in New York
Apple has confirmed that a small number of its employees’ computers were attacked as a result of a vulnerability in the Java browser plug-in, but said that there was no evidence any data left the company.
Reuters has reported that the same software was used to launch attacks on Facebook.
The social networking giant confirmed last weekend that several of its engineers’ computers were hacked using a zero-day Java attack. At the time, Facebook said there was no evidence to suggest user data was compromised following the attack.
Yesterday, Apple confirmed it had identified malware that infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers.
“The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers,” Apple said in a statement.
“We identified a small number of systems within Apple that were infected and isolated them from our network.
“There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware,” added the company.
Apple also confirmed it is releasing an updated Java malware removal tool to check Mac systems and remove this malware if it is found.
A report on Bloomberg said Apple, Facebook and Twitter are among a group of at least 40 companies that have been targeted in malware attacks linked to an Eastern European gang of hackers.
Apple has released a Java update for Mac users.
