Ask HN: I visited the same site Apple/FB employees were exploited through

3 points by coryl ↗ HN
Background: http://www.macrumors.com/2013/02/20/iphonedevsdk-details-what-led-to-apple-facebook-hacking/

Basically, what should I do to secure my system? What could have been comprimised? Java has been updated, I ran malware-bytes. Thanks

3 comments

[ 2.8 ms ] story [ 16.9 ms ] thread
What is the website?
As mentioned in the article, the site is iphonedevsdk.com, a popular forum for ios deveopers.
If you want to be really sure? Wipe and reinstall.

If you want to be reasonably sure, run an actual AV, like Avira or Nod32, preferably from a boot disk if possible, since running AV against a system in which malware is already running and potentially set up to evade detection doesn't guarantee anything.

Finally, to prevent future problems, turn off automatic plugin activation in your browser. In Chrome, go to chrome://settings/content and scroll down to Plugins, and select "click to play". This'll render you immune to drive-by Java and Flash exploits unless you explicitly activate the plugin instance that delivers the payload.