Apple Dev Center was hacked via remote code execution bug

Apple’s ever expanding article listing researchers’ credits for finding and reporting potential security issues in Apple’s web servers has some new entries, and reveals that UK-based researcher Ibrahim Balic is not to blame for last month’s outage of the Apple developer center.

After the dev center went offline on July 18th, Balic believed that his penetration testing efforts were the cause.

Having accessed some user details after testing one of the bugs and witnessing the developer portal being shut down just several hours after he made his final report, then reading in the news about the hack and possible involvement of legal authorities into the investigation, he panicked and tried set the record straight online.

He publicly stated that he had been recently doing research on Apple and that the discovered – and reported – some 13 bugs to the company.

“I did not done this research to harm or damage. I didn’t attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the datas for the porpoise of seeing how deep I can go within this scope. I have over 100.000+ users details and Apple is informed about this. I didn’t attempt to get the datas first and report then, instead I have reported first,” he explained.

But, as it turns out, he shouldn’t have worried, as the break-in seems to have been executed via a remote code execution flaw that has since been patched. According to Mac Rumors, the issue was reported by 7dscan.com and SCANV of knownsec.com on the day of the hack.

Apple has not shared more details about the attack since the initial notice saying that an intruder tried to access personal information of their registered developers.

But, as it took them nearly three weeks to bring completely overhaul the developer program services and bring them back online, they did give developers an extension to their developer memberships by one month.