Apple hacked | Breaking Cybersecurity News | The Hacker News

Well, there's something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The teenager from Melbourne, Australia, managed to break into Apple servers and downloaded some 90GB of secure files, including extremely secure authorized keys used to grant login access to users, as well as access multiple user accounts. The teen told the authorities that he hacked Apple because he was a huge fan of the company and "dreamed of" working for the technology giant. What's more embarrassing? The teen, whose name is being withheld as he's still a minor, hacked the company's servers not once, but numerous times over the course of more than a year, and Apple's system administrators failed to stop their users' data from being stolen. When Apple finally noticed the intrusion, the company contacted the FBI, which took the help of the Australian Fede

A cyber campaign that was targeting iPhone and iPad owners with a sophisticated Ransomware in Australia and New Zealand last month, drawn special attention of online media and security analysts. Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ' Apple's Find My iPhone ' service to hold iOS devices for ransom. A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in " blocking of Apple devices to extort funds ," claims the press release on the Russian Interior Ministry's website on Tuesday. According to the authorities, one of the suspects used phishing websites to trick victims into giving up their Apple ID username and password. The second suspect's activities are exactly same of the ' Oleg Pliss attack '. " The first involved gaining access to the victim's Apple ID by means of the c

The  ransomware industry surged in 2023  as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070.  But 2024 is starting off showing a very different picture.  While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023. Figure 1: Victims per quarter There could be several reasons for this significant drop.  Reason 1: The Law Enforcement Intervention Firstly, law enforcement has upped the ante in 2024 with actions against both LockBit and ALPHV. The LockBit Arrests In February, an international operation named "Operation Cronos" culminated in the arrest of at least three associates of the infamous LockBit ransomware syndicate in Poland and Ukraine.  Law enforcement from multiple countries collaborated to take down LockBit's infrastructure. This included seizing their dark web domains and gaining access to their backend sys

From last few years Ransomware malwares are targeting Windows users Worldwide and experts predicted that it was just a matter of time until ransomware would hit mobile devices and other Desktop operating systems like Mac, iOS, Android etc. A Few weeks back we reported about a Ransomware malware campaign which is targeting Android mobile users. Such Malware first try to trick users into downloading it and then demanding payment to restore user control of the device. This morning reports came out that cybercriminals have targeted a large number of users of Apple's iCloud connected devices with a sophisticated Ransomware in Australia. The owners of iPhone , Mac and iPads are finding their devices locked remotely through iCloud and a message originating in Apple's find my device service that states " Device hacked by Oleg Pliss ". One user wrote on Apple Support Forum, " I went to check my phone and there was a message on the screen (it's

A Dutch-Moroccan team of hackers calling itself " Team DoulCi " have reportedly claimed to hack a protective feature on Apple 's iCloud system, that could leverage an attacker to remove security measures on lost or stolen iPhone devices. According to a report from Dutch news organization De Telegraaf , the hackers purchased locked iPhone devices for $50 to $150 each and then bypassed Apple's iCloud activation lock through a serious security vulnerability Apple has failed to patch with its most recent updates. The critical vulnerability in the Apple's iCloud allowed them to unlock stolen iPhones in an instant, which could then be sold for a large profit in the Blackmarket. This is the first time when any hacker group has managed to compromise the highly secured Apple's iCloud service. iCloud is a cloud storage and cloud computing service provided by the Apple Inc. to its users since October 2011 with more than 320 million users across the world. The service all

Despite the contrary regarding NSA's DROPOUTJEEP program, Apple had always denied working with the NSA in the creation of any backdoors used to spy on its users and also claimed that the NSA doesn't have backdoor access to its data. But, Apple could legally share your phone data with the law enforcement agencies if asked for. Being a secretive company, Apple is very clear at its point of sharing its users' data with the government when U.S. law enforcement agencies request data relating to the company's users. With the release of a set of new guidelines late Wednesday regarding requests for customer data from the U.S. law enforcement agencies, Apple specifies what information can and cannot be lifted from its users devices upon the receipt of disclosure requests, search warrants, or legal orders. " These guidelines are provided for use by law enforcement or other government entities in the U.S. when seeking information from Apple Inc. about users of Apple

Is Air Travel expensive for You?? Of course it's costly for Common people. But, hackers have found a way out of it too. If you have an iPhone then there is no need to buy airline tickets, as a simple iPhone hack can fool any modern airport and get you a seat in first class for free. Anthony Hariton , an 18 year-old computer science student at the University of Crete in Greece, claims he has found a plough to fetch free flight tickets across Europe by generating fake boarding passes designed for Apple's Passbook app. The student prepares to give his presentation entitled " Exploiting Passbook to Fly for Free, " in a hacking conference next month, in which he will theoretically demonstrate on how to generate fake boarding passes using only a computer and an iPhone, then get through all the Security Airport checks and then eventually ending up on your first class seat to the destination of your choice. HACKING iPHONE APP TO GET FREE BOARDING PASSES The iO

Recently we aware you about the tricky phishing scam targeting Google Docs and Google Drive , a similar phishing scam has been detected by the researchers targeting Apple users to steal users' credentials. According to the researchers at Netcraft , a UK based security services company, the hackers have compromised the web server owned by the gaming company, Electronic Arts (EA) to host a phishing site which targets Apple ID Account holders, asking for users' Apple ID and password, along with their full name and date of birth and credit card details as well. " The phishing site attempts to trick a victim into submitting his Apple ID and password. It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a  fraudsters , " wrote the researchers in a blog post. The Hackers compromised the EA Games server by exp

Watch out, coffee drinkers. If you are one of those 10 million Starbucks customers, who purchases drinks and food directly from their Smartphones, this news is for you! If you use Starbucks' official iOS app, you should know that the company is not encrypting any of your information, including your password. The app allows the Starbucks customers to check their balance, transaction history, fund transfer, and store location, etc. A Security researcher Daniel E. Wood found a vulnerability (CVE-2014-0647) in STARTBUCKS v2.6.1. iOS mobile application, that stores your credential details and GPS locations in plain text format into the file system. To extract the information from the mobile, an attacker just needs to connect the device to a computer and accessing ' session . clslog ' file from the location given below: /Library/Caches/ com . crashlytics . data/ com . starbucks . mystarbucks /session . clslog The vulnerability , however, requires that the hacker has physical

It's been over a day now since Apple 's online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. " We apologize that maintenance is taking longer than expected. If your program membership was set to expire during this period, it has been extended and your app will remain on the App Store. If you have any other concerns about your account, please contact us. Thank you for your patience. " message said. Since that time, developers have been unable to access the site and cannot visit the forums or download Mac or iOS SDKs, the iOS 7 beta, or the Mavericks beta. It was first seemed like Apple having some backend issues but according to tweets from many developers, they have received a message from Apple that an attempt was made to reset their user ID's password . Such notices pointing that Apple's Developer Center website may have been compromised. But if it is a sec

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for its author. Dubbed as ' Trojan.Yontoo.1 ', Attackers have provided a number of alternative ways to spread the threat. The Trojan can also be downloaded as a media player, a video quality enhancement program or a download accelerator. When victim visits the site, the dialogue only imitates the traditional plate and specially designed by hackers to enter a potential victim of misleading. After pressing the « Install the plug-in » victim is redirected to the site to download malware. When launched, Trojan.Yontoo.1 displays a dialogue window that asks the user if they want to install Free Twit Tube. after the user presses ' Continue ', instead of the promised program, the

Microsoft has become the latest victim of to Cyber attack and confirm that small number of its computers, including some in its Mac software business unit, were infected with malware . Microsoft added , malicious software used in a cyber attack is very similar to those experienced by Facebook and Apple recently. Microsoft gave few other details about the break-in, " We have no evidence of customer data being affected and our investigation is ongoing. " " During our investigation, we found a small number of computers, including some in our Mac business unit that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing, " Microsoft said. " This type of cyber attack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries ," the company said. Last week, Apple said its

The same ring of hackers that are responsible for hacking into at least 40 companies including Facebook and Twitter are reportedly also infected the computers of some Apple employees, the company acknowledged Tuesday. The purpose of hack considered an effort to steal company secrets, research and intellectual property that they can sell. Investigators tracked at least one server being used by the hacker ring to a hosting company in the Ukraine. " Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers, " the company said in its statement. " The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network ." Apple isolated the infected systems from its network and said there was no indication that any data