Intelbroker, a notorious criminal, has certainly been busy this week as they claimed to have hacked AMD and now Apple. On Thursday they posted a message on an forum saying they had managed to access internal source code for three Apple's tools, just a day after a similar claim involving AMD, reports The Cyber Express. Apple has yet to confirm the breach, but the potential impact could be significant.
Intelbroker posted on BreachForums, stating they had obtained source code for AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin tools meant for internal use. AppleConnect-SSO is used for authentication within Apple's network, while Apple-HWE-Confluence-Advanced is likely for internal information sharing, and AppleMacroPlugin facilitates internal processes, The Cyber Express suggests.
Intelbroker's post did not specify if the data was for sale, but the forum screenshot shared by Hackmanac indicated this possibility, reports 9to5Mac. It should be noted that dark web forums often vet data to prevent scams, and Intelbroker's growing reputation suggests credibility. However, there is always a risk of fraudulent claims in such situations so take the news with a pinch of salt.
The situation remains unconfirmed as Apple has not responded to a request for comment sent by The Cyber Express. There is also lack of any reports about the alleged breach at prominent news agencies, such as Bloomberg and Reuters. For obvious reasons, verification of the breach would require Apple to patch vulnerabilities and enhance security measures to prevent further damage. This highlights the ongoing challenges in cybersecurity for tech companies.
The breach, if confirmed, could expose vulnerabilities and compromise Apple's internal operations. While the company is known for robust security (and ultimate secrecy when it comes to working on projects), it still faced cyber threats in the past, according to the report.
In addition to a potential breach of AMD's internal network earlier this week (which AMD says will not have a material impact), IntelBroker's history of high-profile breaches adds weight to these claims. Previous victims include Europol, Panda Buy, Home Depot, General Electric, USCIS, and Facebook Marketplace.