Apple’s Developer site has been hacked, resulting in days of downtime. Since Thursday, the site has been “undergoing maintenance for an extended period” , or at least that was the official line from Apple. There was no prior warning however, and a Turkish security researcher has claimed he was behind the “attacks”, intending simply to report major security issues. So what does this mean for Apple security?
Some developers have reported receiving password reset emails, which Apple have said were unauthorised. With only a few receiving these emails, some repeatedly since the site went down, there is a feeling that there might be a hacker attempting to seize control of a smattering of developer accounts, rather than Apple prompting developers to change their passwords, which would be done as a blanket message to all developers.
This would suggest that an attacker had managed to get hold of personal information, copying some key details on a number of developers and were attempting to exploit them. Ibrahim Balic, the Turkish security researcher who claimed to have reported the flaw, posted a video of his discovery, which included names, developer IDs and email addresses, though some of the information belonged to services such as Freeserve and Mindspring, which are long gone. Balic’s claim to have accessed this sort of information may be corroborated by the password reset emails some developers have received.
Over the weekend, Apple emailed developers saying “an intruder attempted to secure personal information of our registered developers¢â‚¬ ¦ [and] we have not been able to rule out the possibility that some developers’ names, mailing addresses and/or email addresses may have been accessed.”
The dangers of the hack, aside from allowing somebody to access developer’s information, are limited in reality.
Developer code will not be accessible to an intruder and the only thing a hacker could do if they were able to gain control of a developer account would be to post a malicious app from it. The chances of that happening are slim though, as developers would surely make Apple aware of the rogue app and it would fail to get past Apple’s tight screening process.
Apple told developers that sensitive information, such as financial details, was encrypted and therefore inaccessible.
It is not clear who carried out the attacks. Balic, the Turkish security researcher, claimed to have made Apple aware of some security issues through the correct means, adding that his actions were purely constructive and meant to draw the company’s attention to a massive potential data leak. In doing so though, he has drawn attention to the massive potential back door which individuals with more malicious intentions may have been able to exploit.
Whoever is behind the attack, the results have been huge. Apple has been forced to overhaul their developer site for the first time. “In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database,” the company said in a statement.
Customers need not worry. They will not be affected by the Apple security flaw. Developers aren’t at risk of losing anything major either, really. Just like when LinkedIn experienced a massive data leak, resetting your password seems to be the best course of action, but maybe wait until the site is back up, and avoid resetting it through one of those suspicious looking unauthorised Apple emails.