iPhone Dev SDK, the web forum that was at the center of the hack of Facebook and other companies in January.
The website used to infect engineers at Facebook with espionage malware has been identified as an iPhone developer forum by people close to the investigation into the hacking incident.
That page, at the iPhone developer website iphonedevsdk.com, was used to expose visitors to a previously undocumented vulnerability in Oracle's Java browser plugin. The "zero-day" exploit allowed the attackers to install a collection of malware on the Java-enabled computers of those who visited the site. Ars readers shouldn't visit the site because it still may still be compromised.
iphonedevsdk.com is an example of a "watering hole" attack. These attacks compromise a site popular with a population of desired hacking victims, using security vulnerabilities to install code on the Web server hosting it, which injects attacks into the HTML sent to its visitors. In this case, the site, which hosts a Web forum for iPhone developers, netted the hackers access to the computers of software engineers and developers working on mobile application projects for a number of companies, including Facebook. The exploit could have been the source of the attack on Twitter that led to the theft of Twitter usernames and passwords, according to sources familiar with the attack. It may also have been used to infect computers belong to Apple engineers.