In brief: Intelbroker is gaining a reputation for breaching some big-name entities. After it hacked AMD, the group now says it has also compromised Apple. However, it’s difficult to verify these claims, and Apple has yet to respond. Here is what we know so far.
Notorious cybercriminal Intelbroker has made another eyebrow-raising claim on dark web forum BreachForums following its report of breaking into AMD last week. A day later, the group said it also compromised Apple, stealing its source code for internal tools, including AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin, as well as employees’ personally identifiable information and other data.
AppleConnect-SSO is an authentication system that allows employees to access specific applications within Apple’s network. An ex-Apple retail employee told 9to5Mac that AppleConnect serves as the employee equivalent of an Apple ID and is used to access all internal systems, except email. Not much is known about the other two tools, but it’s speculated that Apple-HWE-Confluence-Advanced is likely used for internal information sharing, and AppleMacroPlugin facilitates internal processes.
Apple has not confirmed the breach, and AMD said that it is working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data. Intelbroker posted screenshots from AMD’s internal systems to prove it has the data.
Meanwhile, Dark Web Informer, who publishes information they find on the dark web on X, has posted screenshots that say Intelbroker has released the internal source code to three of Apple’s commonly used tools for their internal site.
🚨MAJOR DATA BREACH🚨 IntelBroker has allegedly leaked #Apple’s Internal Tools.
IntelBroker has released the internal source code to three of Apple’s commonly used tools for their internal site,
In June 2024, https://t.co/uGXK0plIJe suffered a data breach and led to the exposure… pic.twitter.com/Nm2cgyUhQ3
– Dark Web Informer (@DarkWebInformer) June 18, 2024
More information comes from security vendor AHCTS, which claims that its Intelligence team purchased the data for the USD equivalent of roughly $11. It also says that the leaked data doesn’t include internal Apple tools, but instead contains internal custom integrations to connect Apple proprietary authentication systems to Atlassian Jira and Confluence, for SSO authentication within the Apple corporate network. “Based on information contained within the leaked data, the source code handles the authentication to retail-confluence.apple.com, a Confluence server which is not routable on the public internet,” it said.
There have been previous cases of cybercriminal gangs making false claims about infiltrating big organizations and having stolen data to sell. The AMD and Apple breaches, though, do appear as if they could be genuine, although there is no way to know for sure. Aside from the sightings of the stolen data on the dark web, Intelbroker itself is gaining a reputation for its cybertheft exploits. It has previously claimed to have breached the Los Angeles International Airport to access personal and flight details. It also broke into US federal technology consulting firm Acuity, compromising federal agencies, and Shoprite, Africa’s largest retailer. Intelbroker has also tried to sell data allegedly stolen from Europol, The Home Depot (via a third-party vendor), and health insurance marketplace DC Health Link.