Anonymous, the hacker group which is credited with high-profile breaches like PayPal, MasterCard and Visa, in support of whistleblower website Wikileaks has now broken into an Apple server.
The group confessed that it had hacked into an Apple server used for technical online surveys on twitter. It tweeted: Apple could be a target, too. But don't worry we are busy elsewhere.
As part of its AntiSec or Anti Security campaign the hacker group made away with 27 usernames and passwords for the website www.abs.apple.com. The hacked data was published by the group on pastebin, a file-sharing site.
Anonymous has been working closely with the recently disbanded group LulzSec, the group which gained headlines by hacking into sites like Sony PlayStation Network, CIA, United States Senate, Brazilian government website and Serious and Organized Crime Agency (Soca).
PC Magazine surmises that the attack on the Apple server could be a SQL injection attack, as the hack bears semblance to hacks used by the group LulzSec. SQL injection attacks allow hackers to execute arbitrary SQL commands on the database through a Web site. It is also reported that most of the members of the disbanded group LulzSec have joined Anonymous.
Though the Apple attack is miniscule in terms of the size of the data siphoned, the fact that they have set their eyes on Apple is disturbing, as Apple sits on a treasure trove of data which includes credit card numbers and personal details of its iTunes members.
Apple is considered the holy-grail of hacking as it has one of the most robust systems. The timing of the attack is also significant as Apple recently announced the arrival of its cloud storage facility, the iCloud. The cloud locker facility allows users to store music, apps, documents and calendar on the cloud. The success of the offering depends on user's willingness to move their data to Apple servers. The current hack can raise questions about the security of iCloud.
LulzSec recently claimed that it had hacked into Apple's iCloud service. However in keeping with its tradition the hacker group failed to upload any of the iCloud stolen data online. Also since then there has been no word from the group about the iCloud hack.
Anonymous, the group behind the Apple attack, came into limelight after co-coordinating DDoS attacks on websites like PayPal in support of Wikileaks founder Julian Assange. Fortune recently reported that Anonymous has started Wikileaks like submission forum for hackers. Unlike Wikileaks which allows insider whistleblowers to post information, Anonymous allows outside hackers, who are able to siphon secret information, to post the information.
A site named HackerLeaks was started by members of the Anonymous sub-group People's Liberation Front. The site allows hackers to upload stolen information on the website. In spite of other forums like Pastein available for publishing, HackerLeaks styled sites started by Anonymous are emerging to provide established connections with media outlets.
The AntiSec movement was started to expose vulnerabilities in company and government websites. Recently LulzSec as part of the AntiSec movement released torrent files of leaked AT&T documents. However, the recently arrested UK LulzSec suspect Ryan Cleary said that the AT&T documents were handed over by an AT&T employee. The information revealed that companies and governments are not just facing external threats but also from insiders.