A Turkish researcher who claims to have found a flaw in Apple Inc. (NASDAQ:AAPL)’s developer system has taken responsibility for last week’s hack on the site. On Sunday the company said its developer site was targeted by a hacker last week, and it took the site offline in order to overhaul the system.
Apple Releases Details About Last Week’s Hack
The developer site has been offline since Thursday, and no explanation was released by the company until Sunday, reports The Guardian’s Charles Arthur. Developers initially speculated that Apple Inc. (NASDAQ:AAPL) had sustained a major system crash. Then the speculations moved to a belief that the site had been hacked.
YouTube Video Claims Responsibility
The Guardian located a video that had been posted on YouTube by Ibrahim Balic, who said that he hacked Apple’s developer site in order to show how it was leaking the information of its users. His video seems to indicate that the site was vulnerable, although he also says that he has reported all of the bugs he found to Apple Inc. (NASDAQ:AAPL) and was awaiting the company’s approval.
Included in the video are screen shots which seem to show the IDs and names of developers, although The Guardian said it looks like many of the email addresses listed in the screen shots are connected with “long-deprecated services” like Demon, Mindspring and Freeserve. The newspaper said it is trying to contact the owners of the emails in the screenshots. Several of the comments posted on YouTube by users who have viewed the video are irate because it does appear to reveal user information.
Balic Talks To The Guardian
The newspaper contacted Balic, who said that he didn’t intend to attack Apple’s developer site. Instead he claims to have found 13 bugs and that the developer site was closed shortly after he reported the bugs. He said he hasn’t heard anything from Apple Inc. (NASDAQ:AAPL) other than the developer announcement the company made via email saying that its developer site had been attacked.
Apple: Hackers Didn’t Access Developer Code
Apple Inc. (NASDAQ:AAPL) did say it was overhauling its developer systems, updating its software and rebuilding its database. Some users apparently received password resets for their Apple ID, which may indicate that whoever hacked the site was able to copy some important information and was attempting to exploit it. Hackers who are able to get into the system could upload malicious apps into Apple’s App Store, although the company said the hacker wasn’t able to access the codes used by developers.
Hacker Seeking A Reward?
It’s unknown at this point whether Apple Inc. (NASDAQ:AAPL) will acknowledge the claims from Balic. Earlier this year Facebook Inc (NASDAQ:FB) actually rewarded another security researcher who exposed flaws in its system.