Apple has positively identified a strain of malware which infected a limited number of Mac systems via a vulnerability in the Java plug-in for browsers.
The malware – spread through a website for software devs – was apparently designed to target Apple and other companies like Facebook.
Although a limited number of Apple computers were breached at Cupertino, the company emphasized there was no evidence of any compromised data.
However, Apple is releasing a software tool to protect OS X users against this particular strain of malware and others.
“Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days,” the company said in a statement obtained by PC Mag.
“To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.”
The attack against Apple comes days after Facebook acknowledged it was similarly targeted. As with Apple, the digital intrusion apparently occurred when a small number of Facebook personnel visited a compromised mobile developer website.
“The site hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines,” a Facebook rep explained.
“After analyzing the compromised website where the attack originated, we found it was using a ‘zero-day’ (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability.”
The rep was also quick to point out that the social networking site had found “no evidence” of compromised user data.
“As part of our ongoing investigation, we are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in the future,” the rep added.
