Turkish security researcher Ibrahim Balic now claims he was behind the attack Apple admitted to in a statement to its developer network last Thursday, July 18, saying that sensitive personal information of some 275,000 members may have been compromised.
Contrary to widespread assumption and belief, Balic says his intention was not to cause any harm to Apple developers.
Balic claims he discovered and reported the vulnerability to Apple but he went on to exploit flaw, granting him access to developers’ personal information including names, mailing addresses, and/or email addresses. Thirteen vulnerabilities were found total, and he demonstrated one of them in a YouTube video that has since been pulled. The clip might have exposed some users’ names and IDs. Balic tweeted his justification of the video, claiming it was paramount in proving the seriousness of the security flaw.
SOURCE: tirosec.com
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.