Results 1 to 10 of 11
08-05-2012, 10:41 AM #1
Apple gave hackers access to user's iCloud info.
As we continue to upload more and more of our lives to the web, the dangers of being hacked multiply. Our credit card numbers, our home addresses — they’re all there for the taking. That’s why so many security experts preach using a complicated password.
But sometimes, using a strong password isn’t enough. Just ask former Gizmodo writer Mat Honan. Mat’s world was turned upside down this weekend when a hacker gained access to his iCloud account, wiping his Mac, iPhone and iPad, thanks to Apple…
If you follow Mat Honan or Gizmodo on Twitter, you would have seen quite the show Friday night. Hackers gained access to both accounts and started their reign of terror.
Honan explains how it all went down:
At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and years ago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years.
The backup email address on my Gmail account is the same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
At 5:00 PM, they remote wiped my iPhone. At 5:01 PM, they remote wiped my iPad. At 5:04, they remote wiped my MacBook Air.
A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s they were then able to gain entry to that as well.
So how did all of this happen? A brute force attack? A key logger? Nope, Apple essentially handed the hackers Mat’s iCloud password.
Update three: I know how it was done now. Confirmed with both the hackera nd Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions.
In fact, we expect the company to make a statement regarding this situation at some point, if for no other reason then to reassure folks that this won’t happen again. Some people store their entire lives on iCloud. And if Apple ever wants to, at some point, become a medium for wireless mobile payments, it needs to feel safer.
08-05-2012, 11:43 AM #2
Wow. That would piss me off so much. Does he have any legal grounds to sue or something?
08-05-2012, 11:49 AM #3
I would blow up all my apple shit and go to verizon and windows. Man, I would be so pissed.
08-05-2012, 11:50 AM #4
08-05-2012, 12:34 PM #5
I'd be pissed if that happened to me. Like you said some people store their whole career in a laptop/Computer and to have it delete is a brutal blow to anyone.
08-05-2012, 12:35 PM #6
Like the prices for apple products wasn't enough.
08-05-2012, 01:15 PM #7
God Damn Apple.
08-05-2012, 08:24 PM #8
- Join Date
- Apr 2011
Why are you guys all jumping on the Apple bandwagon?
Clearly you guys can't read that the hacker called Apple Support pretending to be that Gizmodo dude and got the password via 'verification questions'. And this just proves that the dude definitely need better Forgotten Password Verification questions.It's his fault for revealing too much about his private life, which gave the hacker enough info to answer those personal questions.
08-05-2012, 08:26 PM #9
Well, baktair, the only reason that people are mad is because the guy didn't have to answer the security questions. He social engineered the Apple worker a bit and got the information without doing so, which is why it's such a big issue. The guy was dumb for using the same password, but this was partially Apple's fault.
08-05-2012, 08:31 PM #10
This is just... wow.. i'm almost speechless. Although it was mainly the companies fault.
I would just blend my Apple products.. put it on youtube, get a million views and move on with my life.
Tags for this Thread