We reported yesterday that the Apple developer website was hacked, with information on 275,000 registered third party developers potentially compromised.
The portal at developer.apple.com had been offline since last Thursday without an explanation raising concerns among the user base.
The latest news to hit is that Ibrahim Balic, a Turkish security researcher claims that he was responsible for the hack but insists that his intention was to demonstrate that Apple’s system was leaking user information. He posted a video on youtube which appears to show the site was vulnerable to the attack, saying “I have reported all the bugs I found to the company and waited for approval.”
He shows a screenshot dated July 19th, the same day the site was taken down, saying “Data leaks user information. I think you should fix it as soon as possible.”
The video also highlights some developer names and ID’s. The Guardian paper say they are trying to contact Freeserve, Demon and Mindspring, who are shown in the video. The video has now been changed to ‘private’ status, suggesting the owner is only sharing it with specific sources now.
Balic also spoke to the Guardian paper and said “My intention was not attacking. In total I found 13 bugs and reported [them] directly one by one to Apple straight away. Just after my reporting [the] dev center got closed. I have not heard anything from them, and they announced that they got attacked. My aim was to report bugs and collect the datas [sic] for the purpose of seeing how deep I can go with it.”
Apple sent an email to developers on Sunday night saying that “an intruder attempted to secure personal information of our registered developers… [and] we have not been able to rule out the possibility that some developers’ names, mailing addresses and/or email addresses may have been accessed.” Apple then said they were “completely overhauling our developer systems, updating our server software, and rebuilding our entire database [of developer information].”
Some people said that they received password reset requests against their Apple ID. This would suggest that the hacker had managed to copy some details and might be exploiting them.
Kitguru says: The breach is the first known of its kind against any of Apple’s web services.