Jump to content

A teen from Australia was able to remotely access confidential information data on Apple's servers for over a year

D13H4RD

Oops? 

 

Apparently, a teen from Melbourne, Australia was able to access some of Apple's secured servers for over a year, being able to access confidential information, some of which included customer information. 

Quote

The teen, who must remain anonymous for legal reasons, was able to access Apple’s servers via various methods that hid his identity. He was able to access authorized keys that allowed him to log in. Over the course of a year, the teen remotely accessed the servers and downloaded over 90 GB of secure files, some of which contained customer account information.

 

The teen went undetected for a long period of time until Apple finally noticed an intrusion and blocked his IP address. Apple then contacted the FBI, who turned the case over to the Australian Federal Police (AFP). The AFP issued a search warrant for the teen’s home and seized two Apple laptops, as well as the teen’s phone and hard drive. At least one of the computers contained a folder labelled “hacky hack hack” that was loaded with hacking software and instructions.

https://www.notebookcheck.net/An-Australian-teenager-hacked-into-Apple-s-secure-network-and-stole-90-GB-of-data.323434.0.html

 

But the reason why he hacked? Not for money or anything. Nope. 

Quote

So why did the teen hack Apple? Apparently, it wasn’t to get confidential information or money. The teen’s defense attorney claims that the hacker accessed Apple’s servers because he loved the Cupertino company and had always dreamed of working for them. 

Haha, stay classy Australia. 

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

Bloody oath, this makes me proud to be Australian

Link to comment
Share on other sites

Link to post
Share on other sites

17 minutes ago, D13H4RD2L1V3 said:

At least one of the computers contained a folder labelled “hacky hack hack” that was loaded with hacking software and instructions.

Just to note this isn't illegal, using the software is but just having it is fine.

 

Spoiler

As far as I know :)

 

                     ¸„»°'´¸„»°'´ Vorticalbox `'°«„¸`'°«„¸
`'°«„¸¸„»°'´¸„»°'´`'°«„¸Scientia Potentia est  ¸„»°'´`'°«„¸`'°«„¸¸„»°'´

Link to comment
Share on other sites

Link to post
Share on other sites

Australian teens hack Apple servers while I'm still trying to figure out how to use a macbook pro for work.

Ryzen 5 1600 @ 3.9 Ghz  | Gigabyte AB350M Gaming 3 |  PaliT GTX 1050Ti  |  8gb Kingston HyperX Fury @ 2933 Mhz  |  Corsair CX550m  |  1 TB WD Blue HDD


Inside some old case I found lying around.

 

Link to comment
Share on other sites

Link to post
Share on other sites

90GB? What is that, like 5 .FLAC songs? xD 

 

Too bad he didn’t go through Apples Bug bounty program. Could have made some cash from this. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites

Link to post
Share on other sites

18 minutes ago, Leinad4400 said:

Bloody oath, this makes me proud to be Australian

The land of Kangaroos. 

 

And Mighty Car Mods 

 

And Turbo Yoda 

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, DrMacintosh said:

90GB? What is that, like 5 .FLAC songs? xD 

Or (potentially) millions of text documents and spreadsheets.

 

You gotta wonder about the mindset of someone who holds onto this stuff even after its obvious he's been found out. The second his connection was refused he should have got rid of everything remotely related.

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Master Disaster said:

Or millions of text documents and spreadsheets.

Of which I’m sure this teen would have a lot of use for. And we know he didn’t because he didn’t sell any of it. 

 

Also would love be to know what servers he got into. Like did he hack the Apple maps servers or the ones that handle iMessage? Both of which contain “customer account information” but obviously one is a lot more sensitive than the other. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites

Link to post
Share on other sites

Just now, DrMacintosh said:

Of which I’m sure this teen would have a lot of use for. And we know he didn’t because he didn’t sell any of it. 

Well, it's because 

Quote
29 minutes ago, D13H4RD2L1V3 said:

because he loved the Cupertino company and had always dreamed of working for them. 

 

Pfffff

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, D13H4RD2L1V3 said:

Well, it's because 

Pfffff

I think Apple likes resumes more than being hacked for a year and having to dispatch the Australian equivalent of the FBI xD 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, DrMacintosh said:

I think Apple likes resumes more than being hacked for a year and having to dispatch the Australian equivalent of the FBI xD 

I guess he thought he'd end up like that guy who was a notorious cheater on Valve titles and subsequently got a VAC ban. 

 

And where he is now? Working for Valve 

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites

Link to post
Share on other sites

I like how every security issue with Apple takes a year minimum to come out

Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.

Link to comment
Share on other sites

Link to post
Share on other sites

I believe him, if he had been stealing money they would have been able to trace that pretty easy, also he kept it a secret until he got caught.  He wasn't after glory or he would have been bragging.   The only thing that might fuck him up with that defense is accessing users private information.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites

Link to post
Share on other sites

17 minutes ago, mr moose said:

I believe him, if he had been stealing money they would have been able to trace that pretty easy, also he kept it a secret until he got caught.  He wasn't after glory or he would have been bragging.   The only thing that might fuck him up with that defense is accessing users private information.

Except...

 

Quote

His offending from the age of 16 saw him develop computerised tunnels and online bypassing systems to hide his identity until a raid on his family home uncovered a litany of hacking files and instructions all saved in a folder titled “hacky hack hack”.

The teen’s defence lawyer said his client had become so well known in the international hacking community that even mentioning the case in detail could expose him to risk.

...

He then used Whatsapp to communicate his offending to others.

https://www.theage.com.au/national/victoria/melbourne-teen-hacked-into-apple-s-secure-computer-network-court-told-20180816-p4zxwu.html

CPU: Intel i7 6700k  | Motherboard: Gigabyte Z170x Gaming 5 | RAM: 2x16GB 3000MHz Corsair Vengeance LPX | GPU: Gigabyte Aorus GTX 1080ti | PSU: Corsair RM750x (2018) | Case: BeQuiet SilentBase 800 | Cooler: Arctic Freezer 34 eSports | SSD: Samsung 970 Evo 500GB + Samsung 840 500GB + Crucial MX500 2TB | Monitor: Acer Predator XB271HU + Samsung BX2450

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Spotty said:

Except...

 

Opp's,  I stand embarrassingly corrected.

 

Let him fry...

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites

Link to post
Share on other sites

4 hours ago, vorticalbox said:

Just to note this isn't illegal, using the software is but just having it is fine.

 

  Reveal hidden contents

As far as I know :)

 

I guess that depends where you live.

Where i live it's illegal to have hacking software with you like kali for example.

But then again 100+ students at my school had kali because it was part of a course and nobody ever got in trouble.

 

Unless you did something illegal they basically never check for hacking tools because they have no reason to do so. Tbh the cops barely do anything these days because there aren't enough of them.

If you want my attention, quote meh! D: or just stick an @samcool55 in your post :3

Spying on everyone to fight against terrorism is like shooting a mosquito with a cannon

Link to comment
Share on other sites

Link to post
Share on other sites

38 minutes ago, samcool55 said:

I guess that depends where you live.

Where i live it's illegal to have hacking software with you like kali for example.

But then again 100+ students at my school had kali because it was part of a course and nobody ever got in trouble.

Pretty sure Kali Linux isn't hacking software.

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

@leadeater Inb4 the normies go "Oh look he's hacking!" when terminal is open full screen and person is using SSH :D

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

33 minutes ago, AluminiumTech said:

Pretty sure Kali Linux isn't hacking software.

You can hack wi-fi access points, brute-force passwords, inject payloads in python scripts or exe files and a LOT more stuff that could do real damage. Sounds like hacking software to me.

Kali is marketed as a pentesting tool and ethical hacking software so i think you can be sure it IS hacking software.

If you want my attention, quote meh! D: or just stick an @samcool55 in your post :3

Spying on everyone to fight against terrorism is like shooting a mosquito with a cannon

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×