Overclock.net › Forums › Industry News › Technology and Science News › [PC](Updates) Apple Tech Support Gave Attackers Access to Journalist's iCloud
New Posts  All Forums:Forum Nav:

[PC](Updates) Apple Tech Support Gave Attackers Access to Journalist's iCloud

post #1 of 30
Thread Starter 
Several Sources.
Main: Wired
Update: Authors own article on his ordeal

Links to other sources:
Main Source
CNET
Cloud Bulletin
Zimbo
Latest Business Report
9 to 5 MAC
Forbes

Updates below:
The author's own blog on his ordeal

APPLE Suspends over-the-phone password resets

This is a interesting blog/article on another author's ordeal with dealing with Apple about accessing his iCloud.
This is a very good read, with some contrasting reports on easiness of gaining access.
Apple really easy to dupe? Maybe not...
/updates


Quote:
Last week, attackers socially engineered Apple tech support to hack into a Wired writer's iCloud account, wiping out the journalist's iPhone, iPad, and Macbook Air, as well as compromising his Gmail and Twitter accounts.
Quote:
"At 5:00 PM, they remote wiped my iPhone

At 5:01 PM, they remote wiped my iPad

At 5:05, they remote wiped my MacBook Air."

It even seems the writer who was hacked, his own webpage is currently down too.

Editorial Note: Cloud storage is great and a good move in the right direction I believe. However, as we look back at how many years it took for security to become a proper mainstay for mainstream PC's. Cloud storage needs to work twice as hard twice as fast to become even more secure properly.
Remember to always have several backups, hard backups locally to even multiple cloud backups.

For cloud backups, you have Dropbox, Google Drive and iCloud for most popular. I even believe Amazon has one now or will have one soon.

Rebelord
Edited by Rebelord - 8/7/12 at 7:05pm
SixthElement
(17 items)
 
   
CPUMotherboardGraphicsRAM
i7-4770k Z87-GD65 MSI R7950 TF3 RipjawsX 8G 1600 CL9 
Hard DriveHard DriveOptical DriveCooling
OCZ Vertex 3 Western Digital Caviar Black LG DVD Multi / Lightscribe H100 
OSMonitorKeyboardPower
Win 7 Ult x64 Samsung 2494SW CM Storm Quickfire Reds Corsair HX750 
CaseMouseMouse PadAudio
550D G700 XTrac Ripper XXL Onkyo TX-SR804 
Audio
Bowers & Wilkins 686 BookShelfs 
CPUMotherboardGraphicsRAM
AMD 1090t 990FXA-UD7 MSI R7950 TF3 TBD 
Hard DriveOSPowerCase
Samsung 20G Win 7 Ultimate Corsair CM650 Fractal Design XL 
  hide details  
Reply
SixthElement
(17 items)
 
   
CPUMotherboardGraphicsRAM
i7-4770k Z87-GD65 MSI R7950 TF3 RipjawsX 8G 1600 CL9 
Hard DriveHard DriveOptical DriveCooling
OCZ Vertex 3 Western Digital Caviar Black LG DVD Multi / Lightscribe H100 
OSMonitorKeyboardPower
Win 7 Ult x64 Samsung 2494SW CM Storm Quickfire Reds Corsair HX750 
CaseMouseMouse PadAudio
550D G700 XTrac Ripper XXL Onkyo TX-SR804 
Audio
Bowers & Wilkins 686 BookShelfs 
CPUMotherboardGraphicsRAM
AMD 1090t 990FXA-UD7 MSI R7950 TF3 TBD 
Hard DriveOSPowerCase
Samsung 20G Win 7 Ultimate Corsair CM650 Fractal Design XL 
  hide details  
Reply
post #2 of 30
Why I try not to use clouds. To Bad It's impossible not to these days.
post #3 of 30
And that's why cloud storage is not a thing for me, i rather have external hard drive once the usb is pull my data is secure.
Love This Beast
(14 items)
 
PS4
(14 items)
 
HTPC
(13 items)
 
CPUMotherboardGraphicsRAM
Core i7 920 D0 3.8Ghz Gigabyte EX58-UD4P Asus 1060 6GB OC 2138core/8606memory 12Gb Fury HyperX 1447mhz 1.64v 9-9-9 28 2T 
Hard DriveOptical DriveCoolingOS
WD Black 640Gb + Seagate 500Gb + Hitachi 2.5" 5... LG DVD-RW SATA Noctua NH-D14 Windows 10 Home  
MonitorPowerCaseMouse
Asus VW266H 25.5" 1200p Corsair 750W CoolerMaster Cm690 II Advanced (Version 2) Logitech MX518 
CPUMotherboardGraphicsRAM
8 Jaguar Core 1.6Ghz CUH-10XXA AMD 7870 (2 CU's disabled) 800Mhz  8Gigs GDDR5 2.75Ghz 
Hard DriveOptical DriveCoolingOS
Toshiba 500Gigs  Blu-ray 6x 85mm Fan. Sony PS4 OS 
MonitorKeyboardPowerAudio
Sony 40R350 B Sony DualShock 4 250W Polk Audio Rti A3's 
AudioAudio
Polk Audio PSW125 Yamaha Rv-371 
CPUMotherboardGraphicsRAM
Q6600 2.4Ghz Dell 0RF703 Zotac GT640 4G DDR2 
Hard DriveCoolingOSMonitor
320Gb Western Digital Caviar Green + 160Gb Hita... Dell Performance Edition Heatsink J9761 W10 64Bits Pro Sony 40R350 B 
KeyboardPowerCaseMouse
Lenovo Keyboard 460w oem Dell Optiplex 745 Logitech  
  hide details  
Reply
Love This Beast
(14 items)
 
PS4
(14 items)
 
HTPC
(13 items)
 
CPUMotherboardGraphicsRAM
Core i7 920 D0 3.8Ghz Gigabyte EX58-UD4P Asus 1060 6GB OC 2138core/8606memory 12Gb Fury HyperX 1447mhz 1.64v 9-9-9 28 2T 
Hard DriveOptical DriveCoolingOS
WD Black 640Gb + Seagate 500Gb + Hitachi 2.5" 5... LG DVD-RW SATA Noctua NH-D14 Windows 10 Home  
MonitorPowerCaseMouse
Asus VW266H 25.5" 1200p Corsair 750W CoolerMaster Cm690 II Advanced (Version 2) Logitech MX518 
CPUMotherboardGraphicsRAM
8 Jaguar Core 1.6Ghz CUH-10XXA AMD 7870 (2 CU's disabled) 800Mhz  8Gigs GDDR5 2.75Ghz 
Hard DriveOptical DriveCoolingOS
Toshiba 500Gigs  Blu-ray 6x 85mm Fan. Sony PS4 OS 
MonitorKeyboardPowerAudio
Sony 40R350 B Sony DualShock 4 250W Polk Audio Rti A3's 
AudioAudio
Polk Audio PSW125 Yamaha Rv-371 
CPUMotherboardGraphicsRAM
Q6600 2.4Ghz Dell 0RF703 Zotac GT640 4G DDR2 
Hard DriveCoolingOSMonitor
320Gb Western Digital Caviar Green + 160Gb Hita... Dell Performance Edition Heatsink J9761 W10 64Bits Pro Sony 40R350 B 
KeyboardPowerCaseMouse
Lenovo Keyboard 460w oem Dell Optiplex 745 Logitech  
  hide details  
Reply
post #4 of 30
Somebody is going to get fired rolleyes.gif Also he shouldn't have this much private info out in the open
Nameless
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 965 Extreme EVGA Classified E759 Limited edition NF200 EVGA GTX 295 Corsair Dominator 6GB DDR3 Tri 
Hard DriveOptical DriveCoolingOS
WD Velociraptor 300GB LG Blue-Ray & HD DVD Drive Stock Intel Cooler Windows 8 Pro with Media Centre 
MonitorKeyboardPowerCase
Samsung SyncMaster 2233 & IIYAMA Prolite E2403WS Logitech G19 Gaming keyboard Corsair HX1000W SS TJ07 
MouseMouse Pad
Logitech G400 Optical Gaming mouse Steelseries Qck + 
  hide details  
Reply
Nameless
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 965 Extreme EVGA Classified E759 Limited edition NF200 EVGA GTX 295 Corsair Dominator 6GB DDR3 Tri 
Hard DriveOptical DriveCoolingOS
WD Velociraptor 300GB LG Blue-Ray & HD DVD Drive Stock Intel Cooler Windows 8 Pro with Media Centre 
MonitorKeyboardPowerCase
Samsung SyncMaster 2233 & IIYAMA Prolite E2403WS Logitech G19 Gaming keyboard Corsair HX1000W SS TJ07 
MouseMouse Pad
Logitech G400 Optical Gaming mouse Steelseries Qck + 
  hide details  
Reply
post #5 of 30
apple, apple... apple....
MEGATRON
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 4710MQ P170-SM-A Nvidia GTX 980M @ 1470mhz 32GB DDR3L 1600mhz 
Hard DriveHard DriveHard DriveOptical Drive
Samsung SSD 840 EVO Msata 250GB SanDisk SDSSDX120GG25 HGST 1TB Blu-Ray 
CoolingOSMonitorKeyboard
OverCharged Cage fans Windows 8.1 + Virtual Machines Modified 1080P glossy IPS 60hz Stock 
Power
240 Watt Brick 
  hide details  
Reply
MEGATRON
(13 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 4710MQ P170-SM-A Nvidia GTX 980M @ 1470mhz 32GB DDR3L 1600mhz 
Hard DriveHard DriveHard DriveOptical Drive
Samsung SSD 840 EVO Msata 250GB SanDisk SDSSDX120GG25 HGST 1TB Blu-Ray 
CoolingOSMonitorKeyboard
OverCharged Cage fans Windows 8.1 + Virtual Machines Modified 1080P glossy IPS 60hz Stock 
Power
240 Watt Brick 
  hide details  
Reply
post #6 of 30
This isn 't about cloud storage guys.

Why the hell do Apple have the ability to remote wipe stuff? Is this an optional thing or what?
The Riginator
(20 items)
 
 
Wife's Rig
(5 items)
 
CPUGraphicsRAMHard Drive
Qualcomm Snapdragon S600 Adreno 330 2GB LPDDR3 NAND Storage 
Hard DriveOSMonitorKeyboard
Samsung 32GB MicroSD Android 4.4.2 KitKat 5 inch (441ppi) 1080x1920 Super AMOLED SwiftKey 
Power
2600mAh Battery 
  hide details  
Reply
The Riginator
(20 items)
 
 
Wife's Rig
(5 items)
 
CPUGraphicsRAMHard Drive
Qualcomm Snapdragon S600 Adreno 330 2GB LPDDR3 NAND Storage 
Hard DriveOSMonitorKeyboard
Samsung 32GB MicroSD Android 4.4.2 KitKat 5 inch (441ppi) 1080x1920 Super AMOLED SwiftKey 
Power
2600mAh Battery 
  hide details  
Reply
post #7 of 30
This guy got phished, and the 'hacker' had his security question answers to reset his account. Every protocol that should have been followed was followed, the only 'breech' in security was the idiot journalist who hadn't changed his password in 7 years and had no backup.
Six
(16 items)
 
  
CPUMotherboardGraphicsRAM
4930k Asus Rampage IV Gene evga 980ti SC+ 16gb Samsung 30nm 
Hard DriveOptical DriveCoolingOS
Crucial M4 256x2 Raid0 none Corsair H80 Windows 7 Ultimate 
MonitorMonitorKeyboardPower
Dell U2713HM Acer Predator XB270HU Ducky Shine 4 Corsair AX750 
CaseMouseMouse PadAudio
Silverstone FT03 Razer Deathadder 2013 Alienware Fiio e11 + AD700 
  hide details  
Reply
Six
(16 items)
 
  
CPUMotherboardGraphicsRAM
4930k Asus Rampage IV Gene evga 980ti SC+ 16gb Samsung 30nm 
Hard DriveOptical DriveCoolingOS
Crucial M4 256x2 Raid0 none Corsair H80 Windows 7 Ultimate 
MonitorMonitorKeyboardPower
Dell U2713HM Acer Predator XB270HU Ducky Shine 4 Corsair AX750 
CaseMouseMouse PadAudio
Silverstone FT03 Razer Deathadder 2013 Alienware Fiio e11 + AD700 
  hide details  
Reply
post #8 of 30
Quote:
Originally Posted by Rubers View Post

This isn 't about cloud storage guys.
Why the hell do Apple have the ability to remote wipe stuff? Is this an optional thing or what?

Apple cannot remote wipe your stuff.

If you decide to use iCloud on your Mac, iPhone, iPad etc.. then you can enable a option named find my Device If you enable it then you can log into your account from any browser or device on www.iCloud.com and then see where each device is if it is in the world if it is connected to a 3G/wifi network/GPS and then you can do several things like remotely lock it, make it play a sound and display a message or wipe it's data. This is there so that if your device is lost or stolen you can protect any sensitive data you may have had on there.

So this guy gained access to his iCloud account and his Gmail accounts and was then able to remotely wipe it.
Edited by UnAimed - 8/5/12 at 2:31pm
Nameless
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 965 Extreme EVGA Classified E759 Limited edition NF200 EVGA GTX 295 Corsair Dominator 6GB DDR3 Tri 
Hard DriveOptical DriveCoolingOS
WD Velociraptor 300GB LG Blue-Ray & HD DVD Drive Stock Intel Cooler Windows 8 Pro with Media Centre 
MonitorKeyboardPowerCase
Samsung SyncMaster 2233 & IIYAMA Prolite E2403WS Logitech G19 Gaming keyboard Corsair HX1000W SS TJ07 
MouseMouse Pad
Logitech G400 Optical Gaming mouse Steelseries Qck + 
  hide details  
Reply
Nameless
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 965 Extreme EVGA Classified E759 Limited edition NF200 EVGA GTX 295 Corsair Dominator 6GB DDR3 Tri 
Hard DriveOptical DriveCoolingOS
WD Velociraptor 300GB LG Blue-Ray & HD DVD Drive Stock Intel Cooler Windows 8 Pro with Media Centre 
MonitorKeyboardPowerCase
Samsung SyncMaster 2233 & IIYAMA Prolite E2403WS Logitech G19 Gaming keyboard Corsair HX1000W SS TJ07 
MouseMouse Pad
Logitech G400 Optical Gaming mouse Steelseries Qck + 
  hide details  
Reply
post #9 of 30
I bet a certain call center in the Philippines with the letters IBM who handles calls for Apple Tech Support is all topsy turvy over this issue. rolleyes.gif

Really though, guys. It's actually easy to phish for someone's information. Facebook profiles have next to everything, as much as you would allow it. I bet this guy listed all form of identification which most Tech Support call centers use to verify the legitimacy of a caller.

Eg. Address, Schools, Date of Birth, Mother's middle name. The list goes on.
post #10 of 30
Quote:
"They got in via Apple tech support and some clever social engineering that let them bypass security questions," Honan wrote.

Scary actually.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [PC](Updates) Apple Tech Support Gave Attackers Access to Journalist's iCloud