As reported by The New York Times, the software development website responsible for seeding malicious software to Mac computers at Apple, Facebook, and presumably Twitter has been revealed by a person who was involved with the investigation at Facebook.
The compromised site, iPhoneDevSDK, is an online forum designed for software developers. The site is still infected, and visiting it is not recommended.
At this time, it is unknown if the site had any involvement in the attacks, though it is likely that it was the work of third party hackers given the site’s prominent standing as a dedicated community for iPhone developers.
Apple this morning announced that a small number of its employees’ computers had been compromised through the Java plug-in vulnerability, an issue that has now been fixed with the Java update and malware removal tool released by Apple this afternoon.
Mac users can determine whether or not they have been affected by the security flaw by installing the Java update, which will notify a user if malware is found. Apple says that the Java update and malware removal tool will “remove the most common variants of malware.”
As noted by The Next Web, iPhoneDevSDK is currently in maintenance mode.