Australian media reports that a 16 year-old hacker was able to hack into Apple servers and hijack sensitive data. The report came after a police investigation and the proceeding court actions. Detailed information is not available at this moment.
Apple Servers Hacked and Data Stolen by a 16-year Old Hacker from Australia
Online media reports indicate that a 16-year old hacker has been able to repeatedly infiltrate Apple servers. The intrusion was reported after the criminal has been brought to court by the law enforcement. The available information lists that the minor was able to break multiple times into an Apple server and download 90 GB of secure data, including customer accounts.
The offending hacker has been found to create persistent tunnels that allow them to enter into the secure systems at any given time. Several techniques were used by the criminal to hide their identity. Following the discovery of suspicious activity and the performed investigation a raid. This uncovered many hijacked files which proved the crimes.
What’s interesting in this case is that information about the incident has been revealed at this moment — when court actions are being taken. At the time of the hack no details were reported to Apple customers or the security community. The investigation reveals that the hacker has been able to access authorized login keys. They have allowed the criminal to access sensitive data such as customer data. Using the WhatsApp mobile app information about the intrusions was reported to several hacking groups.
There are two versions of possible consequences regarding this action:
- The hacker wanted to receive praise about their actions by posting information on his achievements.
- The hijacked information is shared with the hackers with the intent of spreading the attack scenario with other hackers and collectives. This can other malicious users into accessing the sensitive data and Apple servers.
According to the lawyer representing the accused had a fascination with Apple and their intention was to discover weaknesses in the company’s security systems. The unauthorized penetration testing is distinct characteristic of a computer hacker categorized as “grey hat” — they violate laws and ethical standards, but appear to not have malicious intent. The hacker pleaded guilty and the court decision is expected next month.