Now that the LulzSec team has disappeared into the ether, the amorphous non-collective that is Anonymous has once again come into focus as the anti-sec group to watch. This morning, however, it’s the work of an individual Labanese Grey-hat hacker going by the name idahc that is in the headlines.
After idahc successfully discovered vulnerabilities on an Apple business website, a dump of more than two dozen usernames and hashed passwords appeared on Pastebin — though he claims the data was not posted by him. Access appears to have been gained via a flaw in a survey posted on the Apple Consultants network site that was being served from abs.apple.com. That server remains offline for the time being, presumably while Apple attempts to batten down the network hatches.
While idahc admits that the situation is “not yet serious,” the breach still means that Apple could find itself scrutinized by the same people who have recently gained entry into dozens of high-profile sites — from PBS and Citibank to just about every Sony site and service imaginable.
@Atulplayer
While the individual who found the exploit was quick to point out that he had no ties to either Anonymous or LulzSec, there’s always the possibility that his method could wind up in their hands and facilitate a future attack on Apple. For its part, Anonymous tweeted that it was busy elsewhere — an ominous sign for whoever or whatever it is that Anon is actively engaging.
Apple is, however, a big, juicy target and it’s certainly the kind of corporate entity that these hacktivist groups have been going after in recent days. If this initial leak is any indication of the kind of data that might be heisted, however, your account is probably safe — since stolen hashes don’t necessarily mean your password can be compromised.
0 comments:
Post a Comment