iPhone related site responsible for the hacking of Facebook and Apple?

iPhoneDevSDK is a compromised site and should be avoided!

In a report on All Things D, Mike Isaac reveals that a “compromised website” used by iPhone developers is likely responsible for the hacking of some mega sites like Apple and Facebook:

In the spate of large companies hacked in recent weeks, it seems that many of them have one thing in common. Many have visited one compromised website specifically devoted to sharing information related to mobile development — and it’s not just tech companies visiting the site.

The site is called iPhoneDevSDK, according to sources close to the Facebook hacking investigation. It’s a hub for many companies concentrated on the mobile space.

Hackers_Essentially, this was a bit of malware code written in to HTML of the iPhoneDevSDK website that found it’s way into employee computers via Java vulnerabilities. Jim touched on the vulnerability on our site not to long ago, but apparently one or two people at Twitter and Facebook don’t read DCT. Back in June, I also covered the dangers of being socially engineered to visit compromised websites. The point is, malware is a real threat to which not even the big boys are immune.

Usually, being cautious and aware will keep you safe, but in cases where the malicious code is written into sites you need to visit for a living, it remains a matter of when, not if. Large services — those without tight computer security for all of their employees — will inevitably fall victim to large-scale data loss and security breaches.

I don’t really have any suggestions on how to prevent such attacks and malware infections through Java loopholes, because I’m no java security expert. (Please, give us your thoughts in the comments section on how to avoid such fiascoes.) Personally I keep my system security updated at least weekly, but more importantly, keep a keen eye out for potentially dangerous and hazardous situations online.

Posted in:
About the Author

Patrick McMullen

Patrick is the resident social media expert at DCT. He was born a member of the Internet generation, or rather, the generation that would become the Internet generation after Al Gore "invented" it. Growing up, he surrounded himself, family, and friends with computers, video games, mp3 players, and all of the other tech and gadgets that have come out of the 1990’s and 2000’s. In addition to social media, Patrick has a wealth of knowledge and experience using both Android and Apple iOS mobile devices as well as mac and pc computers. He is also an avid deal-hunter whose prowess has allowed him a relatively cheap venture into the world of hi-fi home and personal audio. Patrick graduated from DePauw University in 2011 with a degree in psychology and minors in communication and writing. Currently, Patrick is the lead analyst for Fizziology, a social media research company that specializes in using real people to evaluate and grade the sentiment of social media buzz.