iPhoneDevSDK Details What Led to Apple, Facebook Hacking

by

In January, a number of Apple employees had their Macs compromised following visits to the popular iPhoneDevSDK forum. Employees from Facebook and likely dozens of other companies were compromised as well. In a blog post today, site owner Ian Sefferman shared some limited details* about what happened and what the site is doing about it.

Most notably, the attack was reportedly ended by the hacker on January 30, 2013, meaning the site believes that there is no ongoing threat.

Iphonedevsdk

What we've learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user's computers.

We're still trying to determine the exploit's exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.

As with Facebook, it's important to stress that we have no reason to believe user data was compromised.

Eric Romang has done some additional detective work on the the attack, laying much of the blame on Java itself. Last month, Apple twice blocked Java 7 from working on users' Macs, perhaps after the company discovered that its own machines had been compromised.

* URL to blog post: http://iphonedevsdk.com/forum/site-news-announcements/111889-iphonedevsdk-compromised-what-happened-and-how-we-are-dealing-with-it.html -- We've avoiding linking it due to the recent hack at that site.

Popular Stories

iPhone Air

Report: 'Virtually No Demand' for iPhone Air

Wednesday October 22, 2025 3:22 am PDT by
Apple is "drastically" cutting production of the iPhone Air and shifting focus toward the iPhone 17 and iPhone 17 Pro models, Nikkei Asia reports. The business publication claims to have learned of a major cut to iPhone Air production motivated by weaker-than-expected consumer interest, nearly to "end of production levels." Despite early reports of the iPhone Air selling out within hours of...
Read Full Article523 comments
sam sung auction

Former Apple Employee Sam Sung Changed His Name to Avoid Attention

Wednesday October 22, 2025 4:44 pm PDT by
Back in 2012, an Apple retail employee named Sam Sung went viral because his name is similar to Samsung, one of Apple's main competitors. In a recent interview with Business Insider, he detailed that period in his life, how Apple responded, and he explained why he ultimately changed his name. Someone posted an image of Sung's Apple business card on Reddit in 2012, and it spread rapidly....
Read Full Article95 comments
cadillac lyric infotainment

GM to Remove CarPlay from All Future Vehicles, Including Gas Cars

Wednesday October 22, 2025 11:34 am PDT by
General Motors began phasing out support for CarPlay in its electric vehicles back in 2023, leading to complaints from iPhone users, but the company has no plans to back down. In fact, GM is going further and plans to remove CarPlay from all future gas vehicles, too. In an interview with The Verge, GM CEO Mary Barra said that the company opted to prioritize its platform for EVs, but the...
Read Full Article437 comments
All Screen iPhone 2027 Feature 1

Apple's Plan to Launch Three New iPhone Designs Allegedly Revealed

Wednesday October 22, 2025 6:24 am PDT by
Apple plans to launch a new type of iPhone every year for the foreseeable future, according to an Asia-based source. The detailed information was shared by the account "yeux1122" in a blog post on the Korean platform Naver, citing domestic trend and component research companies. Corroborating other reports, Apple will apparently launch its first foldable iPhone in 2026, featuring a...
Read Full Article132 comments
iOS 26

iOS 26.1 Coming Soon With These 8 New Features for Your iPhone

Wednesday October 22, 2025 6:15 am PDT by
The upcoming iOS 26.1 update includes a handful of new features and changes for iPhones, including a toggle for changing the appearance of the Liquid Glass design, "slide to stop" for alarms in the Clock app, and more. iOS 26.1 is currently in beta testing. The update will likely be released in the first half of November, and it is compatible with the iPhone 11 series and newer, but some...
Read Full Article31 comments
ios 26 1 liquid glass opaque

iOS 26.1 Beta 4 Lets Users Control Liquid Glass Transparency with New Toggle

Monday October 20, 2025 10:57 am PDT by
With the fourth betas of iOS 26.1, iPadOS 26.1, and macOS 26.1, Apple has introduced a new setting that's designed to allow users to customize the look of Liquid Glass. The toggle lets users select from a clear look for Liquid Glass, or a tinted look. Clear is the current Liquid Glass design, which is more transparent and shows the background underneath buttons, bars, and menus, while tinted ...
Read Full Article212 comments
maxresdefault

Apple's iPhone Air Experiment Fails as Supply Chain Cuts Production by 80%

Wednesday October 22, 2025 10:48 am PDT by
iPhone Air demand failed to meet Apple's expectations and the company's supply chain is scaling back shipments and production, reports Apple analyst Ming-Chi Kuo. Subscribe to the MacRumors YouTube channel for more videos. Suppliers are expected to reduce capacity by more than 80 percent between now and the first quarter of 2026, and some components with longer lead times will be discontinued ...
Read Full Article629 comments
All Screen iPhone 2027 Feature 1

Report: Apple to Skip 'iPhone 19' Name for 'iPhone 20'

Thursday October 23, 2025 4:28 am PDT by
Apple's new iPhone lineup launched in the fall of 2027 will be called the "iPhone 20" models, rather than the "iPhone 19," according to research firm Omdia. Speaking at a conference in Seoul (via ETNews), Omdia Chief Researcher Heo Moo-yeol corroborated rumors that Apple plans to move the launch of its standard iPhone to the first half of the year and provided some additional clarity about...
Read Full Article144 comments
iOS 26

What's New in iOS 26.1 Beta 4

Monday October 20, 2025 1:02 pm PDT by
Even though we're at the fourth beta of iOS 26.1, Apple is continuing to add new features. In fact, the fourth beta has some of the biggest changes that we'll get when iOS 26.1 releases to the public later this month. We've rounded up what's new below. Liquid Glass Transparency Toggle Apple added a toggle for customizing the look of Liquid Glass. In Settings > Display and Brightness,...
Read Full Article35 comments

Top Rated Comments

newagemac Avatar
newagemac
165 months ago
Is it Java or Javascript? Those are two entirely different things. Java is a plugin with security holes and can be disabled. Javascript is not Java in any way, shape, or form and is not a plugin. It is now as basic to the web as HTML and CSS. You shouldn't disable Javascript unless you want to break pretty much any modern website.

One of the dumbest things ever done on the web was giving it the name of "Javascript". Why the heck there hasn't been a movement to change the name puzzles me.
Score: 12 Votes (Like | Disagree)
iGrip Avatar
iGrip
165 months ago
Insecure?

So lots and lots of big giant companies were hacked. It was the fault of some third party.


But all we hear about is that Apple was hacked! Apple has lousy security! Anybody who owns any Apple anything is in SERIOUS DANGER! Run for the hills, but only after destroying all Apple products!

Typical. Apple is just the whipping boy of the mainstream media.

They go into a frenzy and let everybody else have a pass. But not Apple. They act like it is all Apple's fault. They pick on Apple. It is not FAIR! Apple is a scapegoat. Everybody who owns any Apple anything is seen as a lesser person because of this stuff. A complete and total idiot.

I for one am sick of it.

/s

----------

Well, I use Safari with Java disabled, AdBlock, and Click to Flash. I had been thinking of adding one of the NoScript extensions, but haven't gotten around to it yet. Unfortunately, I got suckered in by a Phishing attempt a few days ago (it's no longer safe to check your email before you're fully awake...) and am wondering what to do about it.

Change all of the affected passwords. Close any credit card accounts that were compromised. If you gave your SS number, there is nothing that can be done about that.
Score: 4 Votes (Like | Disagree)
Sean4000 Avatar
Sean4000
165 months ago
and THIS is why "noscript" is mandatory on all of my company's computers.
Score: 4 Votes (Like | Disagree)
jlgolson Avatar
jlgolson
165 months ago
Is it Java or Javascript? Those are two entirely different things.
Apparently they used a JavaScript exploit to inject Java code. It's all a little unclear at the moment. Hopefully Facebook or (less likely) Apple will post a play-by-play going into exactly what happened at some point.
Score: 3 Votes (Like | Disagree)
SeattleMoose Avatar
SeattleMoose
165 months ago
After all this java stuff, I went into Safari and disabled Java (not JavaScript) and guess what? Safari is INDEED snappier!!! (no joke...it really is).

And I agree with a previous poster, Apple is the media's favorite whipping boy right now. Wallstreet's lapdog, the media, is being used to manipulate AAPL stock prices via fear and gloom. When they have driven it down low enough...the sharks will buy-up AAPL yet again...run a bunch of positive articles (PUMP)...followed by yet another DUMP when it gets to their target "high" value. Then they'll place puts on AAPL, run more gloom and doom stories, and make money on the way down too. And then you have Einhorn, the hedge fund "humanitarian" who simply wants to raid the APPL cash pile for his elite clients. It has already been proven that AAPL stock volatility was tied directly to hedge fund manipulation. Expect more...unfortunately. Wallstreet is just a steaming pile.
Score: 2 Votes (Like | Disagree)
PinoyAko Avatar
PinoyAko
165 months ago
The Java update yesterday was magical and revolutionary. :apple:
Score: 2 Votes (Like | Disagree)
Read All Comments