A number of Apple employees had their Macs infected by visiting the popular iPhoneDevSDK forum. It’s believed that employees from Facebook, and most likely numerous other companies, were compromised as well.
iPhoneDevSDK owner Ian Sefferman shared some information in a blog post about what happened, and what is being done about it.
From Ian Sefferman’s blog, via MacRumors:
What we’ve learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user’s computers.
We’re still trying to determine the exploit’s exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.
As with Facebook, it’s important to stress that we have no reason to believe user data was compromised.
We haven’t linked directly to the bog post, due to the hack at the site. If you go searching for the post, it’s at your own risk.
