[ISN] Apple online store hacked
InfoSec News
isn at c4i.org
Thu May 4 04:15:36 EDT 2006
http://networks.silicon.com/webwatch/0,39024667,39158606,00.htm
By Dan Ilett
3 May 2006
Apple's Korean online store has been defaced by a hacker.
The attack, carried out by someone working under the name 'Dinam', who
claimed in his post to be Turkish, was brought to the attention of
silicon.com last Thursday.
The defacement was removed from Apple's website shortly after
silicon.com alerted the company.
Apple has subsequently refused to comment on the matter.
Jason Hart, CEO of security company Whitehat UK, told silicon.com:
"The defacer has managed to get administrator access to the web
server."
Although Hart suspected the hacker was after little more than
"self-gratification" through vandalising the site, he said Apple
should communicate what happened to its customers to end speculation.
Hart said: "The worst thing Apple can do is not tell customers what
has happened. It's like all the big companies though - they're
constantly having to defend themselves as they're being probed all the
time."
The defacement - which took the form of a dozen lines of code posted
to the apple.co.kr homepage - was documented on hackers' forum
zone-h.org, which said Dinam attacked a Mac OSX server running Apache.
Richard Starnes, president of the Information Systems Security
Association UK, said: "Defacements are not that big a deal provided
the customer data has not been disclosed or they have suffered an
economic impact.
"Defacements just tend to be embarrassing. But we know Apple is a good
company and takes defacements seriously."
More information about the ISN
mailing list