[ISN] Apple online store hacked

From: InfoSec News (isn@private)
Date: Thu May 04 2006 - 01:15:36 PDT


By Dan Ilett
3 May 2006

Apple's Korean online store has been defaced by a hacker.

The attack, carried out by someone working under the name 'Dinam', who
claimed in his post to be Turkish, was brought to the attention of
silicon.com last Thursday.

The defacement was removed from Apple's website shortly after
silicon.com alerted the company.

Apple has subsequently refused to comment on the matter.

Jason Hart, CEO of security company Whitehat UK, told silicon.com:  
"The defacer has managed to get administrator access to the web

Although Hart suspected the hacker was after little more than
"self-gratification" through vandalising the site, he said Apple
should communicate what happened to its customers to end speculation.

Hart said: "The worst thing Apple can do is not tell customers what
has happened. It's like all the big companies though - they're
constantly having to defend themselves as they're being probed all the

The defacement - which took the form of a dozen lines of code posted
to the apple.co.kr homepage - was documented on hackers' forum
zone-h.org, which said Dinam attacked a Mac OSX server running Apache.

Richard Starnes, president of the Information Systems Security
Association UK, said: "Defacements are not that big a deal provided
the customer data has not been disclosed or they have suffered an
economic impact.

"Defacements just tend to be embarrassing. But we know Apple is a good
company and takes defacements seriously."

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Thu May 04 2006 - 01:26:07 PDT