Reminder: You’re more likely to catch a hack from a legit site

iPhoneDevSDK—the site apparently responsible for the hacks at Facebook, Apple, and Twitter—says it was not aware it was being used to attack visitors until it read press reports this week. In a news post (do not click if you’re wary of security breaches) on Wednesday, site admins said they had no knowledge of the breach and were not contacted by any of the affected companies. Though, iPhoneDevSDK is now working with Facebook’s security team in order to share information about what happened.

Also, this is a great reminder to log and monitor, or to use a SIEM. An admin’s account was compromised, then their website was hacked.

File integrity monitoring with Tripwire would have caught the changes to the site, and login auditing would have caught the hacker’s actions under the admin’s account.

via Dev site behind Apple, Facebook hacks didn’t know it was booby-trapped | Ars Technica.

