John Carter alerts us to the hacking, "'Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plugin for browsers,' the company said in a statement to AllThingsD. 'The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.'
"The company noted that it has been shipping Macs without Java since the release of Mac OS X Lion, and that it also has a software mechanism that disables Java if it goes unused for 35 days. Apple is also releasing an updated software tool to detect and remove Java-related malware."
John comments, "The sad part of this is that some websites, like GoDaddy, need to have Java enabled in the browser, and disabling Java in the browser is the only way to secure yourself from a Java attack.
"Just yesterday I got an update from Apple for Java. I installed it. So I don't understand why I'm getting this update if Apple isn't installing Java on new computers. It could be because I already had Java installed and its presence triggered the notification for the update. Now I'm waiting for more news and maybe another Java update about this."
Here are several sites reporting on the situation:
http://www.businessinsider.com/apple-releasing-malware-removal-tool-after-being-hacked-2013-2
http://www.pcmag.com/article2/0,2817,2415624,00.asp
http://allthingsd.com/20130220/meet-some-of-the-people-responsible-for-fighting-hackers-at-apple/
http://allthingsd.com/20130220/meet-some-of-the-people-responsible-for-fighting-hackers-at-apple/