Report: This Is the Site Hacking All Those Companies (Updated)

Illustration for article titled Report: This Is the Site Hacking All Those Companies (Updated)

This might be a clue about the hacking going on the past week or so. According the All Things D, a site called iPhonedevSdk (do not visit this site; it's malicious), is responsible for the hacks of Facebook and Apple.


The site reportedly used a Java vulnerability, using code built into the HTML of the site. ATD also claims that this is likely responsible for the hacks of Apple, and possible a common thread behind the myriad Twitter account hacks.

The hack isn't targeted at anyone specifically, but is instead intended to draw users from across the tech industry to visit the site and become infected. The idea being that you won't click some idiot phishing link in your email, but you might seek out a site claiming to be an iPhone dev SDK. We'll let you know as more information about iPhonedevSdk surfaces, and what it's doing with whatever data it received. Until then, that's looking like a very possible source of all the hacks. [All Things D]

Image by gualtiero boffi/Shutterstock

Update: We received comment from the operator of iPhonedevSdk: "Unfortunately, we were hacked ourselves, were unaware that we were hosting a previously unknown exploit, and found out about it yesterday through AllThingsD's report. Once we heard, we immediately reached out to Facebook for more information. Since then, we've been working with Facebook's security team to find out exactly what happened."

We were also directed to a blog post on the iPhonedevSdk, which is quoted below. We haven't linked to it on the off-chance any malicious HTML has been left behind.

Today, we were alerted that our site was part of an elaborate and sophisticated attack whose victims included large internet companies. We were alerted through the press, via an AllThingsD article, which cited Facebook. Prior to this article, we had no knowledge of this breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach. You can read more about the attack via Facebook's blog post.

As the most widely read dedicated iOS developer forum, we're targeted for attacks frequently. Security is a top priority for us, which is one reason why we switched to Vanilla Forums to host our site last year. Vanilla manages security like pros, and I should be clear that — as best we can tell right now — this attack has nothing to do with their software.

Immediately, we were in contact with Facebook's security team, including Joe Sullivan, Facebook's Chief Security Officer, and his team, to learn what they knew. We also contacted Vanilla, our amazing forum hosts, to ensure the problem was not with their software.

What we've learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user's computers.

We're still trying to determine the exploit's exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.

As with Facebook, it's important to stress that we have no reason to believe user data was compromised.

Just to be sure, we've reset all users' passwords. Please use our Forgot Password feature the next time you log in to reset your password.

We're continuing to work with Facebook, Vanilla, other targeted companies, and law enforcement to find out who is behind this sophisticated attack.

We're very sorry for the inconvenience — we'll work tirelessly to ensure your data's security now and in the future. I want to thank Vanilla Forums for their help in the matter and for keeping the site secure, as well as Facebook for their help quickly after we reached out.



Yet another java hack? Color me shocked.

Seriously - who the hell still uses java?