![IntelBroker Claims Apple Data Breach, Access to Source Code of Internal Tools 27 Apple data breach website](../themes/icons/grey.gif)
Threat actor IntelBroker, notorious for a series of daring cyberattacks, has resurfaced with claims of orchestrating a data breach of Appleβs website. The TA allegedly has gained access to internal source code of three popular tools of Apple.com. This claim comes just a day after IntelBroker claimed to have orchestrated a
data breach of another tech giant, Advanced Micro Devices (AMD).
DecodingΒ Apple Data BreachΒ Claims
Per the available information, IntelBroker allegedly breached Appleβs security in June 2024 and has managed to lay hands on the internal source code of three commonly used Apple tools, namely, AppleConnect-SSO, Apple-HWE-Confluence-Advanced and AppleMacroPlugin.
The information was posted by the threat actor on BreachForums, a high-profile platform for trading stolen
data and hacking tools. βI'm releasing the internal source code to three of Apple's commonly used tools for their internal site, thanks for reading and enjoy!β the TA posted.
AppleConnect is the Apple-Specific Single Sign-On (SSO) and authentication system that allows a user to access certain applications inside Apple's network.
Apple-HWE-Confluence-Advanced might be used for team projects or to share some information inside the company, and AppleMacroPlugin is presumably an application that facilitates certain processes in the company.
Apple has not yet responded to the alleged data breach by IntelBroker or the leaked code. However, if the data breach occurred as claimed, it may lead to the exposure of important information that could be sensitive to the workings and operations of Apple. If legitimate, this breach could compromise Apple's internal operations and workflow. Leaked source code could expose
vulnerabilities and inner workings of these tools.
The Cyber Express has reached out to Apple to learn more about the potential data breach. However, at the time of publication, no official statement or response has been received, leaving the claims for the Apple data leak unconfirmed for now. The article will be updated as soon as we receive a response from the tech giant.
Previous Attacks by IntelBroker
The alleged data breach at Apple could prove significant considering the history of the threat actor. IntelBroker is believed to be a mature threat actor and is known to have been responsible for high-profile intrusions in the past.
On June 18th, 2024, chipmaker AMD acknowledged that they were investigating a potential data breach by IntelBroker. The attacker claimed to be selling stolen AMD data, including employee information, financial documents, and confidential information.
Last month, the threat actor is believed to have
breached data of European Unionβs law enforcement agency, Europolβs Platform for Experts (EPE).
Some of the other organizations that the attacker is believed to have breached data include
Panda Buy,
Home Depot, and
General Electric. The hacker also claimed to have targeted
US Citizenship and Immigration Services (USCIS) and
Facebook Marketplace.
Apple's Security Posture
Apple prides itself on its robust security measures and user
privacy. However, the company has faced security threats in the past. In December 2023, Apple released security updates to address
vulnerabilities in various Apple products, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari. One critical vulnerability patched allowed attackers to potentially inject keystrokes by mimicking a keyboard. This incident highlights the importance of keeping software updated to mitigate security
risks.
In November 2023, there were reports of a
state-sponsored attack targeting Apple iOS devices used in India. While details about this attack remain scarce, it serves as a reminder that even Apple devices are susceptible to cyberattacks.
Looking Ahead
The situation with IntelBroker's claims is ongoing. If the leak is verified, Apple will likely need to take steps to mitigate the potential damage. This could involve patching vulnerabilities in the leaked code and improving internal security measures.
It is important to note that these are unconfirmed reports at this stage. However, they serve as a stark reminder of the ever-evolving
cyber threat landscape. Apple, and all tech companies for that matter, must constantly work to stay ahead of determined attackers like IntelBroker.
For users, it is a reminder to be vigilant about potential phishing attempts or
malware that could exploit these alleged vulnerabilities. Keeping software updated and practicing good cyber hygiene are crucial steps for protecting yourself online.