Twitter, Apple Inc. and Facebook Inc. are among forty (40) other companies that have been reported as being the target of a malware attack stemming from hackers out of Eastern Europe and Russia. Originally, investigators linked the cybercriminal activity to sources from China. Researchers have indicated that the sole purpose of the gang is to illegally extract confidential data and company secrets.
Apple has reported that several of their internal Mac systems had been compromised.
Law enforcement agencies have conducted an investigation and discovered that the cybercriminals / hackers were able to use an iPhone developed website to conduct their criminal activity.
In a statement posted from Apple, “We identified a small number of systems within Apple that were infected and isolated from our network…..There is no evidence that any data left Apple. We are closely working with law enforcement to find the source of the malware”.
There has been recent data breached reported by Twitter as well as Facebook. According to the investigators that are currently working the malware attacks with the victims (companies) and it appears that this particular attack is part of the same malicious malware assaults. The cybercriminals are attempting to retrieve company secrets and confidential information that they can sell via the black-market. Sophisticated attacks such as these have formerly been reported as stemming from China, however other countries are now becoming knowledgeable if not the more-so in being able to successfully hack into company systems.
Per Facebook – they advised that due to the vulnerability and weakness of their mobile-developer site, they have been subject to more erudite attacks.
Apple stated that their systems were also infected in a comparable fashion.
To date, Twitter has approximately 200 million+ people that use its social network. It has been reported that alone this month- Twitter has noted several unauthorized attempts from cybercriminals to hack into the their system applications. Unfortunately, they (Twitter) now need to validate if any of the Users information has been compromised as the Hackers could have potentially gained access to at least 250,0000 users. Twitter stated that the cybercriminals are becoming more and more hacker-savvy.
Investigators have also stated that because social media displays so much information, hackers will use that to their advantage to find out information from the company of which victims are employed.
iphonedevsdk.com, is an iPhone developer site. This site was used by cybercriminals to break into and embed viral malware due to a security weakness within the Users browser. This is when the devices were originally infected.
A security firm known as RSA Security Inc, has nicknamed the malware method a ‘waterhole attack”. The call it the waterhole attack because Users were attacked at the source of the system.
According to founder of security firm Invincea Inc., Anup Ghosh, these websites were more than likely linked by software developers of several other technology companies which in return would display striking predetermined targets to the cybercriminals.
Investigators also question if the hackers have pursued a server being utilized by ta group in the Ukraine.
Additional evidence, counting the malware used in the attack, suggests that this is not an espionage attempt from China, but the work of cyber criminals.