Apple internal network exploited...

Cr00zng · Aug 17, 2018

Yet another big corporation's data stolen...

A 16 years old kid has accessed Apple's internal network for over a year. During this time, he had downloaded 90GBs of the data from the presumably IBM mainframe, including customer accounts and "authorized keys".

Source

Quote:

The court heard the access “worked flawlessly” until the teen was caught.

Seemingly, this hack has been a child's play... :Smirk:

macgig · Aug 18, 2018

wow. it just tells me macs are not immune from being targeted and attacked. I know for years I thought since I use a mac, I'm safe. I know better now but that is how I use to think.

lclev · Aug 18, 2018

So the kid downloaded it from an IBM(?) mainframe? The server would not have been running any version of OS X which runs on our mac computers. Now the fact OS X source code was leaked, 3 year old code according to Apple, could be of concern. I am willing to bet they will be doing major plugging of security flaws in the next version of OS X.

This is a big egg on face moment for Apple and you can bet they are doing major security checks - I would hate to be in the shoes of the head of security!

Lisa

Slydude · Aug 18, 2018

This is certainly an egg on the face moment but there are two things which occur to me every time a thread like this appears. The first is as Lisa pointed out the server(s) in question were almost certainly not running a version of OS X that any of us are likely to be using. The second thing to occur to me is that just because a 16 year old completed this hack does not mean that most 16 year olds could do likewise.

chscag · Aug 18, 2018

macgig said:
wow. it just tells me macs are not immune from being targeted and attacked. I know for years I thought since I use a mac, I'm safe. I know better now but that is how I use to think.

It's been many years since I worked around IBM "big iron", but I can assure you that IBM mainframes do not run macOS. When I was working with them they ran their own home grown operating system.

Also, it's unclear exactly what this kid had access to: "Customer accounts and authorized keys"? Customer accounts could involve Apple IDs and credit card info but so far Apple has been silent about this. Has Apple notified any of its customers? I haven't been notified, how about you?

Raz0rEdge · Aug 18, 2018

Umm no. There is no mention of IBM or mainframe anywhere in there, so don't make up facts. There's a bunch of goofy things in there, they claim that he serial numbers of the devices that were used for the intrusion were detected on the network, but the serial numbers aren't passed along in network traffic.

If he was using a VPN tunnel, then it shouldn't have been possible to isolate him to a location to be able to raid his home. That likely happened with his bragging on WhatsApp. The mention of authorized keys means that SSH was used, but how that was compromised is not stated.

This article is lacking in any useful detail.

Cr00zng · Aug 19, 2018

Couple of notes...

My initial intent had been stated in the first line of my posting, which is no corporation is immune against hacking. The rest of it was just fluff and certainly, the referenced article didn't provide much information, much less details. With that said...

I'd be surprised, if the mainframe was not from IBM, especially knowing that the Z/13 (Z/OS) can run JAVA, Linux, Windows, Etc. The IBM mainframe is used for a lot of things nowadays, including cloud and mobile services, even running Apple's programming language of Swift for couple of years now.

The chances are that the kid exploited the presentation/application layers running on JAVA, Linux, etc. The "authorized keys" refers to the remote access keys, that could be SSH and/or any other "secure" authentication keys for providing remote access for system administrators. The Apple mainframe access could have restricted the access to Apple devices and log the remote's device ID. Years ego, I've implemented remote access systems, where I could log Intel CPUID among other identifying information.

The article stated 90GB of data did include accessing "customer accounts". Knowing that the size of "authorized keys" isn't even close to 90GB, the chances are that customer accounts had been accessed. Just because Apple did not notify me of this breach, it does not mean that customer accounts had not been accessed.

By no means this hack has any implication to macOS and/or iOS, nor does it change the security of these devices. This is about Apple corporation hack and egg in Apple's face...

MacInWin · Aug 19, 2018

I am sure that if indeed Apple customer information is compromised that affected individuals will be notified. Otherwise, Apple's liability would be huge if that data was ever used to do anything illegal. As for accessing "customer accounts" the articles I've seen on the incident have been remarkably free of any useful technical information, almost like the articles are being written by someone who knows NOTHING at all about Apple or hacking. Totally useless drivel.

macgig · Aug 19, 2018

I never said IBM mainframes run the mac os. I'm assuming if someone hacked apple, then perhaps macs were involved and hacked? but who knows maybe apple runs windows boxes with windows xp. lol.

Raz0rEdge · Aug 19, 2018

No one uses IBMs in their datacenters anymore since IBM has stopped making those machines for over a decade plus.

MacInWin · Aug 20, 2018

Ashwin, I hate to disappoint you but, https://www.ibm.com/uk-en/it-infrastructure/z/hardware

IBM's "z" series is pretty powerful and they do sell a lot of them. The little computers are not always the best solution, particularly for large centers with high security needs.

Apple internal network exploited...

Cr00zng

macgig

lclev

Slydude

Well-known member

chscag

Well-known member

Raz0rEdge

Well-known member

Cr00zng

MacInWin

macgig

Raz0rEdge

Well-known member

MacInWin

Shop Amazon