Summary: In a comment
made on TechCrunch, Ibrahim Balic identified himself as a "security
researcher" who attempted to point out serious issues to Apple about its
Dev Center website.
Ibrahim Balic, claims that he
was behind the "hack" but insisted that his intention was to
demonstrate that Apple's system was leaking user information. He posted a video on Youtube which
appears to show that the site was vulnerable to an attack, but adding "I
have reported all the bugs I found to the company and waited for
approval." A screenshot in the video showed a bug filed on 19 July - the
same day the site was taken down - saying "Data leaks user information. I
think you should fix it as soon as possible."
Balic told the Guardian:
"My intention was not attacking. In total I found 13 bugs and reported
[them] directly one by one to Apple straight away. Just after my reporting
[the] dev center got closed. I have not heard anything from them, and they
announced that they got attacked. My aim was to report bugs and collect the
datas [sic] for the purpose of seeing how deep I can go with it."
Apple said in an email to
developers late on Sunday night that "an intruder attempted to secure
personal information of our registered developers… [and] we have not been able
to rule out the possibility that some developers' names, mailing addresses
and/or email addresses may have been accessed."
Source: Apple
Developer site hack
No comments:
Post a Comment