Apple, Twitter, Facebook hit by hackers linked to Eastern Europe

Eastern European hacker gang targeted 40 firms in attempt to steal company secrets

Published: 12:00am, 21 Feb 2013

At least 40 companies including Apple, Facebook and Twitter were targeted in malware attacks linked to an Eastern European gang of hackers that is trying stealing company secrets, two people familiar with the matter said.

Apple, one of three victims to publicly disclose attacks this month, said some of its internal Mac systems were affected by a malware attack. The hackers used an iPhone-developer website, according to the people familiar with law enforcement efforts, including investigations by the FBI and US Secret Service, and who didn't want to be identified because of the probe.

"We identified a small number of systems within Apple that were infected and isolated them from our network," California-based Apple said on Tuesday. "There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware."

The attack is part of the same series of invasions that also led to recently disclosed breaches at Facebook and Twitter, investigators said. Apple was the first to discover the attack, one of the people said.

The hackers appear to be seeking company secrets, research and intellectual property they can sell underground, the people familiar with the matter said. While such attacks have previously been associated with China, sophisticated criminals in other countries have now successfully hacked corporate networks.

Facebook said last week that it was subjected to a "sophisticated attack" by hackers who took advantage of weaknesses in a mobile-developer website. Apple said its computers were infected in a similar manner, though it didn't name Facebook or any other affected companies.

Twitter, the microblogging site, said this month that it detected unauthorised attempts to hack into its systems and that attackers may have obtained access to information for about 250,000 people. It said the perpetrators were "extremely sophisticated".

Information from the social media sites could be used to target employees of other companies, the investigators said.

Employees at the companies were first infected when they visited the iPhone developers site iphonedevsdk.com which the hackers had infiltrated and used to implant malware via a security flaw in the victims' browsers.

The tactic has been dubbed a "waterhole" attack, because victims are attracted to the source of the infection like animals attracted to a waterhole on the savannah.

This article appeared in the South China Morning Post print edition as: East European gang linked to hacking attacks

Post