An Adelaide, Australia-based teenager has been found guilty of breaking into Apple servers not once but twice. He is one of the two teens that were charged with hacking Apple servers in December 2015 and again in 2017, and downloading tons of secure internal data. The Adelaide-based teen was just 13 years old when he first managed to access Apple’s secure servers.
How two teens fooled Apple servers
The older teen from Melbourne, who was 16 at the time of the hack, received probation last year instead of jail time. The Children’s Court of Victoria had given him an eight-month good behavior bond, according to ABC News Australia. The Adelaide teen has also been given nine months of probation instead of jail time after being found guilty.
The two teens created false credentials to access Apple servers. They managed to hide their identities using a VPN, and tricked Apple’s systems into thinking that they were company employees.
Unfortunately for them, the Cupertino company was able to trace their locations using the serial numbers of MacBooks they had used in attacks. Apple reported the hacking to FBI, who collaborated with the Australian Federal Police to investigate the matter.
The teen was hoping it would land him a job at Apple
The teen’s lawyer Mark Twiggs told the Youth Court in Adelaide that his client was unaware of how serious his offence was because of his age. Twiggs added that the teen was hoping he would get a job at Apple when the hack was discovered. Something similar had happened in Europe, where a hacker got a job at the same company whose servers he had broken into. “My client is remorseful,” said Twiggs.
According to ABC News Australia, Magistrate David White handed the teen a nine-month good behavior bond. Magistrate David White told the teen to use his “gifts” for good rather than evil. “The manner in which the world functions is one that is heavily reliant on computer technology and those who unlawfully interfere with those systems can do enormous amounts of damage,” said White.
Thankfully for Apple, the breach caused no financial loss. According to the court, Apple’s customer data was also not compromised due to the hack. The US tech giant declined to comment on the case, but provided ABC News Australia with a statement it had made last year in relation to the second teen’s case.
Apple said in that statement that it “vigilantly” protects its networks. The company has a dedicated team of security experts who work to detect and respond to threats. “We regard the data security of our users as one of our greatest responsibilities and want to assure our customers that at no point during this incident was their personal data compromised.”
This is not the first time a teenager has managed to access Apple servers or identify bugs in its software. Earlier this year, an Arizona teenager warned the Cupertino company about a Group FaceTime bug that compromises users’ privacy. The issue became public several days after the teen’s warning. Apple was forced to temporarily disable Group FaceTime until it issued an update fixing the bug.
The Group FaceTime bug allowed users to call anyone with FaceTime and hear the recipient’s audio even before they responded to the incoming call. It means you could listen in on any iPhone or iPad user. Another part of the bug allowed the caller to see the video too.
The security problems come at a time when Apple has been highlighting safety and privacy to attract privacy-conscious users to its ecosystem. But one bug or the other continues to put user data at risk.