“The Internet vigilante hacker group Anonymous claimed to have broken into an Apple Inc. server and published a small number of usernames and passwords for one of the U.S. technology company’s websites,” Reuters reports.
“Anonymous said on Sunday via its account on microblogging site Twitter that Apple could be a target for hackers and released the data as part of its Anti Security, or ‘AntiSec,’ campaign,” Reuters reports. “‘Not being so serious, but well … Apple could be target, too. But don’t worry, we are busy elsewhere,’ Anonymous said on its Twitter feed, where it shared a link to the data posted on text-sharing website Pastebin.”
Reuters reports, “Anonymous said the data included 27 usernames and passwords for the www.abs.apple.com website. The website, used by Apple for online surveys, on Monday displayed an error message that said the server was temporarily offline.”
What are the details to this hack?
They got some info from a SQL database. No big deal.
iTunes Music/App/Book stores are run on WebObjects, which does not fall into PHP+SQL exploits (“SQL injection”).
So, until now, there was no case of WebObjects system being hacked/cracked.
Come on…! 27? They probably tried common user names randomly with obvious passwords, and by chance got 27 that worked (due to users picking easy to guess passwords).
Gee, that SOME fancy hack… 😉
Took a look over at Pastebin, but couldn’t find the list. Anybody see it?
Oh sh!t… There goes the neighborhood.
Looks like apple is open to the same problems as windows, no matter how you want to disagree. There have been a lot of “patches” lately for leopard and snow leopard.
Please learn the difference between an operating system and and a website before choose to enlighten us in the future.
I don’t think this is about the security of Operating Systems but about the security of websites.
That’d be a valid point.. if it had anything to do with the article above.
Which it doesnt.
I believe the servers that were hacked were running neither Apple hardware or software… Correct me if I’m wrong
wouldn’t matter. it’s exploits in the web page they exploited.
doesn’t mean it’s apple’s hardware or server OS that was exploited.
Look at mac defender. it targeted the USER as the weak link to infect OSX with malware, not the OS itself.
And this could be the hole that one of these hacker groups warned Apple about last April.
Shawn-Of-The-Brain-Dead:
FUD does not become you.
Apple will go on defcom 5! Next time they try this they will digitally nuked!!!
I agree. Let’s not forget hacker can be hacked too. Say for instance, Apple hack the hackers- FairPlay.
http://lokkazad.com/?p=873
You are aware that DefCon 5 is peacetime? (Perhaps you meant DefCon 4—increased alert?)
I did go to pastebin and look. Two observations:
1) user ids and passwords are not associated; that is Anonymous didn’t say which id & pwd go together, if any. But with such a small number it’s not hard to figure out.
2) the passwords were good ones – no 123456789; no abcdefg; no samuel&jones; and no “password”.
The site had holes clearly. But password practices appear to meet high standards.
Passwords listed are in hex. They look long and complicated, but decrypt and they may be 12345
Usernames here: pastebin.com/tkmZDG9m
Not much to see
The passwords are still encrypted, so it’s not much of an issue. Nothing like when Sony let loose of a bunch of plain text passwords and credit card numbers.
The Apple App Store (Mac) was offline for quite a while yesterday on an otherwise perfectly functioning cable Internet connection. Was Apple just doing housekeeping or was someone up to something?
The truth is anyone’s web site can be hacked if you don’t mind leaving a trail for law enforcement to come get you and you have the requisite knowledge and equipment. Apple’s servers run on a variety of OSes the last time I checked- many running Solaris.
These people are not helping anyone by doing this. This kind of prank just results in more restrictions/expense on everyone else.
I noticed the app store was flakey yesterday…
Kept saying I couldn’t connect, then download half of an app an stop. Was annoying.
Bet the 27 accounts were Windows users. They problably hacked the 27 users Windows PC using malware and stole their iTurnes account. Publish what they have to clain they hacked apple’s servers.
Reality Check’s in the mail®:
Read this and you’ll be far better informed:
http://tech.fortune.cnn.com/2011/07/04/hackers-target-apple-not/
My take: More FUD from the guys who are selling short.
Reality – Re-read the tweet: “”Not being so serious, but well,” the message posted by @AnonymousIRC read. “Apple could be target, too. But don’t worry, we are busy elsewhere.”
COULD – not is or was…
Think about it.
What frosts my balls is, the spin on every story like this that comes along will contain references to “security through obscurity” and “now that the MAC is gaining popularity” and “hackers are beginning to take notice” and BLAH BLAH BLAH…
Trying to talk down rubbish like this, is futile. Those who have never used Macintosh, think computers are all the same and that Mac is becoming more popular to those outside the cult, so hackers will find someone else to pick on, …and maybe give us some relief! 🙂
Anomimous = assoles
Windows users = idiots
No story here, move along
best temp mail