“Apple Computer’s Korean online store has been defaced by an intruder. The attack, apparently carried out by someone working under the name ‘Dinam,’ who claimed in his online posting to be Turkish, was brought to the attention of Silicon.com last Thursday,” Dan Ilett reports for CNET News. “The defacement was removed from Apple’s Web site shortly after Silicon.com alerted the company, which has subsequently declined to comment on the matter. Jason Hart, CEO of security company Whitehat UK, told Silicon.com: ‘The defacer has managed to get administrator access to the Web server.'”
“The defacement–which took the form of a dozen lines of code posted to the Apple.co.kr home page–was documented on Zone-h.org. The hacker forum said Dinam had attacked a Mac OS X server running Apache,” Ilett reports.
Full article here.
MacDailyNews Note: Today, another attacker documented by Zone-H, “D.O.M.,” put up the old 6-color Apple logo and the slogan “Think Different” at the domain http://mail.apple.co.kr. See the defacement here.
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
I believe their web site is defaced again… The apple logo for their education individual store link will probably get the Apple Record extreamly upset again (5/3/06 4:43PM CST).
Dear Ron,
Your facts are quite interesting. What is more interesting is that they are so vague that can interpreted any number of ways. For example, MS is sitting at 90% market share. Could you be a bit more specific? They have far from 90% market share in the server market. So, you are trying fudge your numbers a bit to try and have a relevant point. Again I will reiterate my statement that we don’t mind having a debate but we prefer to use facts. Furthermore, you seem to be rehashing old myths about Apple that haven’t been true in years. Also, Vista isn’t a “real” product until it hits the market. So, I could say that a 2020 BMW is better than your 2007 Mercedes using that logic. Sure, the year 2020 cars aren’t out yet but they will be eventually. Since you are on here trolling I am going to cast doubt on your claims as to the financial viability of Apple. No offense but you don’t come across as an expert in the way of economics.
I will concede that their Korean web site did get defaced and that Apple was using Apache server. However, Apple doesn’t make Apache server as it is an open source software package that MOST of the web servers out there use.
My last item I would like to address is, what thrill do you get from coming on here trying to start an argument? Seriously, if you are so sure of the windows platform wouldn’t you rather spend your time on sites that cater to fans of windows? What deep rooted psychological need are you trying to fulfill by coming on here in the first place? I am certain that there are many qualified therapists in your local area that can help you sort through these problems.
Best of luck to you. I hope the therapy helps.
Ron,
Fact: NSA won’t run anything other than OS X.
Fact: Some of the fastest supercompters runs OS X (and not for publishing or marketing)
Fact: Apple is sitting on 90% marketshare (sorry, you didn’t say for what, so I’ll be as ambiguous as you).
Fact: Vista isn’t out yet. So how much revenue/marketshare/etc. does it have?
Fact: Vista is a shadow of its intended self, so just must be better, right?
Fact: You’re a douchebag – you said so above.
OS X Hacked…Looks like OS X is not bullet proof
NSA would never reveal what os they run
Fact: once Vista is out, Apple will be relegated to the brink of bankcruptcy again as noted by Michael Dell in 1996.
You keep using that word, “fact.” I don’t think it means what you think it means.
Wow guys, i was just kidding
mac nerds take themselves way to seriously
everyone reading this needs to get a life
It’s Ron with the big “R”– for Rse, not me with the little “r’– for rn’t you wuvewy
The trolls are losing their minds, whatever’s left.
Hey, Ron:
It was a Windows Server that was hacked. HA HA right back at ya, bitch.
“As Michael Dell noted in 1996”??? Has Vista’s introduction been delayed since 1996?? Will Vista even be introduced in 2007?? We used to say Windows 95 is Mac 85. But was the first beta of OSX in about 2000 as immature as Vista will be? If we give Microsoft the benefit of the doubt, and say Vista will be as good as Jaguar, then we can say that Vista 2007 is Mac 2002. Hey, they have closed the gap! They’re only five years behind! Oh, but as for Michael Dell, Apple is now worth more than his company. I wonder if he predicted that in 1996??
rasterbator:
the article said “…Dinam had attacked a Mac OS X server running Apache”. if you click on http://mail.apple.co.kr you now get a “Forbidden” page, that clearly states that it’s running Apache.
even if it was running Windows server, don’t you think that’s kinda funny, an Apple site running on Windows?
big “huh?” from me…
i heart macdude: There it is again. There is no such word as “virii” (ferchrissake)
Second: ron is a troll. don’t you ultra-superior mac-heads know not to feed trolls by now? Sounds like we have some new converts…a disgusting sense of snobbery oozes from this site….it wasn’t alwasy this bad, when were the noble….now we are the crucifier, and it stinks.
I love seeing everyone here scrambling around making up ridiculous excuses for this. For example:
“The hacker could have slept with a sys-admin last night and poked around their home computer while they were in the shower.”
I think you have seen one to many movies.
Here is THE REAL reason this happened:
http://blog.washingtonpost.com/securityfix/2006/03/when_macs_attack.html
If that link breaks just C&P the link into your browser.
Here is an exerpt: “A large number of Web sites running vulnerable PHP applications on OS X systems are regularly defaced by hacker groups who replace the sites’ home pages with hacker screeds or even some political statements.”
This is a problem with PHP applications. Click this to see more defacements of OS X servers using PHP.
http://www.zone-h.org/en/defacements/filter/filter_system=MacOSX/
99% of Mac users have NOTHING to worry about here. You can sleep soundly. Your Mac is safe and secure.
Forgot to add this – PHP: http://en.wikipedia.org/wiki/PHP
Funny, no MDN take?
Apache is as part of OS X as it is ssh, postfix, webdav, ldap, tcsh, ksh bash, etc
IF next week someone finds an exploit on postfix, or ssh, then OS X is at fault? Get real.
Apache developers (and the entire open source community) will fix the flaw, release a patch and Apple will distribute it through Software Update. As often it happens, security patches from Apple do involve opens source Unix tools common to all *nix platforms.
So be it.
Guys – the whole frickin OS is open source, apart from the eye candy on top. Does that mean Apple is blameless for any security attack, other than something that stops the friggin’ widgets working? Get a life. Please.
RC, nope, Apple will be blamed for any security attack for code its developers are directly responsible for.
A security attack on, say, ssh, is not direct responsibility of Apple developers. A security attack on Darwin would be direct responsibility of Apple developers.
Not so difficult to understand. And the point is not to have Apple blameless but saying “Apache has a security flaw: AHAHAHAH Apple Mac OS X is a security joke” is blatantly moronic.
Same would go if the next security problem should arise from postfix, one of the shells, ssh, etc. What Apple has to do with those, vis-a-vis development. Apple could and would contribute, and sometimes their contributions make into the main repository, as for the changes to gcc.
Open source programs and sw does not mean that no-one is responsible or in charge of it. It simply means people could d/l and contribute if they feel so. Their contribution does not automatically become part of the code: the people in charge decide.
Same goes for Apache open source project: there are people in charge.
Open source is not software development anarchy. Or do you sincerely believe that open source means everyone can change the code and commit into the repository?
BTW, Apache is as well on Linux platform, BeOS, FreeBSD, and many others *nix OSes.
Why not then “Apache has a security problem: HAHAHAHAHA Mac OS X, Linux, FreeBSD, BeOS, this, that, whatever, younameit are security jokes”
Would be totally stupid. As is totally stupid to single out any one OS that uses Apache and blame the OS for being unsecure.
It is not taking the side of Apple, is simply saying that it is technically ignorant to pointing out a problem in a common component of many software distributions and say that the OS that uses it is to be blamed for it.
Whatever.
Is this Ron character SERIOUSLY suggesting that one use Windows…IIS…as a professional web server? Get real man – IIS is absolutely horrible (or you could add .NET or Java and be really slooooowwww…..).
What a tool…….
Nothing to see here people. Web-site hacks are common and frequently are simply the result of poorly configured web scripts, rather than a deeper security issue.
@Reality Check “Guys – the whole frickin OS is open source, apart from the eye candy on top. Does that mean Apple is blameless for any security attack, other than something that stops the friggin’ widgets working? Get a life. Please.”
No, Apple is NOT blameless for any security attack and should be held accountable – if it is indeed an underlying OS security faluire. In my post above, I just wanted to point out that OS X SERVERS and anyone running their machine as a “server” of some kind utilizing PHP are definitely vulnerable. As you can see by the second link I posted, MANY OS X servers/sites have and are being defaced/hacked using exploits in PHP. The vulnerabilities in PHP are MUCH worse than a simple defacing though (read the first link). You can actually be compromised and code can be loaded and run on your server. THIS is serious.
My other point still remains – 99% of all Mac users have NOTHING to worry about in THIS particullar case. They are not running as servers with PHP enabled.
To the people that are – you have a SERIOUS PROBLEM.
to iPlodder
>RC, nope, Apple will be blamed for any security attack for code its developers are directly responsible for.
Kidding right? do you think most people running OSX give a flying f**k who wrote the code.
If Apple chooses to distribute something bundled with the machine, in the selection process they should be taking on responsibility for it being secure whether they wrote it or not. After all, it is open source code. They could find and fix any security vunerabilities if they chose to.
>A security attack on, say, ssh, is not direct responsibility of Apple developers.
Again disagree, because they chose to incorporate an insecure component. That’s like saying 99% of Windows security issues are not a problem with the OS as such, but with the bundled apps running on top of it. That argument wouldn’t fly if made in the PC world. Shouldn’t fly in the Mac World either.
So Macs have the same types of security vunerabilities as other systems. Shouldn’t be news to anyone who didn’t come down in the last shower.
hepinize sıra gelecek
HERŞEY VATAN İÇİN http://www.starhack.org
This is cool that we can receive the loans and it opens up completely new possibilities.