Apple Developer Website Online Again Following Cyberattack

July 28, 2013

redOrbit Staff & Wire Reports – Your Universe Online

Apple’s developer website was back online Friday, more than a week after it was targeted by a hacker who reportedly attempted to steal personal information, various media outlets have reported.

According to Bloomberg’s Jordan Robertson, the website used by engineers who write Mac and iOS device applications was said to be active as of 5pm Pacific time on July 26. The attack had forced it offline for a total of eight days.

“Developers use the site for software downloads, documentation and engineering information,” Robertson said. “The maker of iPhones and iPads said this week that it’s ‘completely overhauling’ its developer systems to prevent a security threat from happening again. While some of the website’s information was encrypted, Apple said it hadn’t been able to rule out whether names, mailing addresses or e-mail addresses may have been accessed.”

The website targeted by the cyberattack is used by the Cupertino, California-based tech giant to communicate with its community of nearly six million software developers, according to Reuters reporter Aman Shah. A UK-based Turkish researcher named Ibrahim Balic has claimed responsibility for the attack, which he says was not malicious in nature, but not everyone buys his story.

“Balic, who describes himself as a security consultant, claimed on Sunday that he had discovered a number of weaknesses in the site at developer.apple.com which allowed him to grab email addresses of registered developers,” Guardian reporter Charles Arthur explained. “In all, Balic said he had been able to grab the details of 100,000 people registered on the site, and that he included 73 of them in a bug report to Apple.

“He claimed that he exploited a cross-site scripting (XSS) bug in the site,” he added. “However, XSS attacks generally require the attacker – which in this case would be Balic – to ‘infect’ a page with a malicious piece of JavaScript or HTML which would then be used to extract data from a visiting user. If Balic’s claim is correct, he seems to have used the XSS exploits against his own system.”

Arthur said the Guardian attempted to contact 29 people whose emails were allegedly extracted by Balic during the hacking, but seven of those emails bounced and none of the remaining 22 responded to requests to state whether or not they are registered Apple developers. Furthermore, none of the names or email addresses could be located online, which the Guardian notes would be unusual for active software developers.

“Many of the names and email addresses either don’t look like they would belong to Apple developers, or appear to have left no footprints anywhere else on the net,” added independent security consultant Graham Cluley. In addition, in reference to ten emails featured in a YouTube video created by the alleged hacker, Cluley said, “It’s almost as though these are long-discarded ghost email addresses from years ago or have been used by Balic in his video for reasons best known to himself.”

In related news, a new phishing scam involving Apple has arisen on the heels of the developer website hacking, according to CNET’s Charlie Osborne. Attempting to capitalize on security concerns raised by the cyberattack, the new phishing scam warns users to click on a link in order to change their passwords.

While the email is short, it may appear legitimate to some users, Osborne said. However, it includes a grammar mistake in the title, fails to capitalize “Apple” in several places, and includes a link that clearly does not lead to a domain registered or owned by the tech giant.

“Users have taken to Twitter to warn others of the phishing attacks, and security firm Kaspersky Lab has found that Apple-related phishing scams have skyrocketed in the last six months, with scammers focused on stealing login credentials and financial data,” the CNET writer added.
