
Mr Happy

Apple Dev Center Hacked - Hacker posts Video

Apple's dev center has been offline for the last three days. It's where you control your apps on the App Store, get help and download the latest betas for iOS 7.


Apple has just released a statement saying the Dev Center was hacked and that no credit card details were compromised, but names, emails and addresses of accounts may be compromised.


Almost minutes after the announcement by Apple, a developer called İbrahim BALİÇ has come out saying that a few days ago he contacted Apple's bug center with 7 bugs he found. One of the bugs enabled him to access account details of other developers. He created all the proof, screenshots etc. and submitted it to Apple. A few hours later Apple took the Dev Center offline, so now he's come out with the information and a video saying it was him but that he is not a hacker and was trying to help Apple fix the bugs. He does not want to be labeled a hacker and says that all he was trying to do was help.


This is in complete contrast to how Facebook, Microsoft, Google and others work who have paid out millions to developers in bounty rewards for finding important security issues.


You can watch the YouTube video here


I am not an hacker, I do security research (100.000+ user information leaks) - YouTube


http://www.youtube.com/watch?v=q000_EOWy80








His statement


Hi there,




My name is Ibrahim Balic, I am a security researcher. You can also search my name from Facebook's Whitehat List. I do private consulting for particular firms. Recently I have started doing research on Apple inc.


In total I have found 13 bugs and have reported through http://bugreport.apple.com. The bugs are all reported one by one and Apple was informed. I gave details to Apple as much as I can and I've also added screenshots.


One of those bugs has provided me access to users' details etc. I immediately reported this to Apple. I have taken 73 users' details (all apple inc workers only) and prove them as an example.


4 hours later from my final report Apple developer portal was closed down and you know it still is. I have emailed and asked if I am putting them in any difficulty so that I can give a break to my research. I have not gotten any response to this... I have been waiting since then for them to contact me, and today I'm reading news saying that they have been attacked and hacked. In some of the media news I watch/read that whether legal authorities were involved in its investigation of the hack. I'm not feeling very happy with what I read and a bit irritated, as I did not do this research to harm or damage. I didn't attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the data for the purpose of seeing how deep I can go within this scope. I have over 100.000+ users' details and Apple is informed about this. I didn't attempt to get the data first and report then, instead I have reported first.


I do not want my name to be in blacklist, please search on this situation. I'm keeping all the evidence, emails and images, also I have the records of bugs that I made through Apple bug-report.


Watch this video
 
15 comments
There is a rule to PenTesting / Ethical Hacking,

That data should never be touched / harmed / copied / or distributed.

The man is calling himself a Pentester but ignoring one of the fundamental rules to pentesting,
He claims that he has over 100,000+ records from Apple, and shows them to the public




Obviously, any company would be pissed if you mess with their sensitive information.
 
It would have been better if he had shown a few records to Apple Inc.; there was no need to scrape all users' data. Now I wonder whether, instead of rewarding him, they will send a lawsuit accusing him of sneaking into their system without authorization. How lame.
 
Lame proprietary software failing to secure user data once again.

When will Apple users learn and leave their proprietary prison? Never.
 
White hackers don't go showing off what they've leaked. smh, Apple could've given the dude a job or something if the nig wasn't so pompous
 