Melbourne Teen Pleads Guilty to Hacking Apple Servers and Accessing Customer Accounts [Updated]

Thursday August 16, 2018 4:08 AM PDT by Tim Hardwick
A Melbourne schoolboy has pleaded guilty to hacking into Apple's secure network after the company notified authorities of the intrusion (via The Age).

The teen, who can't be named for legal reasons, appeared at an Australian Children's Court on Thursday facing allegations of hacking into Apple's servers on multiple occasions.

Details of the case are still sketchy, but the boy's hacking is said to have begun at the age of 16, and included downloading 90 gigabytes of secure files and accessing "authorized keys" that grant login access to users.

The boy is said to have attempted to hide his identity using a number of methods including "computerized tunnels", a system which had "worked flawlessly" until the teen was caught.

That chain of events began when Apple apparently detected the unauthorized access and blocked the source of the intrusions. It subsequently notified the FBI, which passed on the information to the Australian Federal Police, resulting in a warrant being executed at the family home last year.

Prosecutors said the raid turned up a "litany of hacking files" on a computer laptop and hard drive, as well as a mobile phone with an IP address that matched the source of the intrusions.

The boy's lawyer said the teen was a fan of the company and had "dreamed of" working for Apple. His lawyer also asked the magistrate's court not to disclose some of the details of the case because the boy is well-known in the hacking community and it could put him at risk.

The magistrate's court acknowledged the guilty plea, and the case has been adjourned until next month for sentencing.

Update 8/17: An Apple spokesperson has told Reuters that no customer data was compromised in the hack. "We ... want to assure our customers that at no point during this incident was their personal data compromised," the spokesman said.

Tags: Australia, cybersecurity
109 comments


Top Rated Comments

(View all)
Avatar
decafjava
5 weeks ago

Wow, Apples services are so secure after all the celebrity accounts that were hacked, that a teenager can hack them.

Perhaps they can spend some of those billions and trillion dollar market cap on, security..

Actually this is a serious issue for Apple as lots of people rely on them for security and privacy, and if that’s seen to be weak still then it may lose sales.

The celebrity hacks were not hacks but phishing of the celebrities' passwords - old fashioned.
Rating: 28 Votes
Avatar
GGJstudios
5 weeks ago

Still a form of hacking.

Not really. Hacking implies exploiting a weakness in Apple systems. Phishing exploits a weakness in the user. Not the same thing at all. Solution to hacking is to boost software security. Solution to phishing is to educate users.
Rating: 26 Votes
Avatar
apolloa
5 weeks ago
Wow, Apples services are so secure after all the celebrity accounts that were hacked, that a teenager can hack them.

Perhaps they can spend some of those billions and trillion dollar market cap on, security..

Actually this is a serious issue for Apple as lots of people rely on them for security and privacy, and if that’s seen to be weak still then it may lose sales.
Rating: 21 Votes
Avatar
Keane16
5 weeks ago

Hmm last time I checked my bank and Amazon have not been hacked yet..


The amount of silly assumptions in your post make my brain hurt.

Amazon have had issues too, just because you haven't been affected doesn't mean others haven't:

https://www.pymnts.com/amazon/2017/sellers-lose-thousands-as-amazon-marketplace-is-hit-by-hackers/

Plenty of banks have been hacked.

Britain - https://thefinanser.com/2016/11/british-bank-third-customers-accounts-hacked.html/
Italy - https://www.express.co.uk/finance/city/833440/italy-unicredit-bank-hacked-cyberattack-italian-banking-major-security-breach
Russia - https://www.dw.com/en/hackers-stole-6-million-in-russia-bank-attack-via-swift-system/a-42616207
Canada - https://www.csoonline.com/article/3276275/data-breach/2-canadian-banks-hacked-90000-customers-data-stolen.html
USA (accounting/consultancy) - http://fortune.com/2017/09/25/deloitte-hack/

You clearly lack understanding of IT security. All the big companies throw an insane amount of money at it. But as we've seen big companies like Google with Gmail and Apple in this article or small, Plex (https://lifehacker.com/plex-hacked-change-your-password-now-1715355825) - can be targeted and can be compromised.


these kids are not ‘wicked intelligent’ they are criminals, thief’s that steal on mass


You can be both. They are not mutually exclusive.

And yes to pull this kind of thing off you have to be pretty intelligent, e.g.: https://techcrunch.com/2011/08/26/apple-hires-iphone-hacker-nicholas-allegra-comex/

So the stars that sued Apple over their accounts being ‘hacked’, because it was still a form of hacking, are fake news are they?


Did any of theses "celebs" win and on what grounds? Because you can sue for anything, whether you were right to sue and win your case is another...
Rating: 17 Votes
Avatar
klunernet
5 weeks ago

Wow, Apples services are so secure after all the celebrity accounts that were hacked, that a teenager can hack them.

Perhaps they can spend some of those billions and trillion dollar market cap on, security..

Actually this is a serious issue for Apple as lots of people rely on them for security and privacy, and if that’s seen to be weak still then it may lose sales.


Don’t be ridiculous. This is no ordinary kid. These hackteens are wicked intelligent. Companies like apple spend a fortune on security, but there is always a way in. It’s only a question of how hard.
Rating: 16 Votes
Avatar
badatusernames
5 weeks ago
Clearly has talent. Hopefully in the future he can use it for good :-)
Rating: 16 Votes
Avatar
RightMACatU
5 weeks ago

the teen was a fan of the company and had "dreamed of" working for Apple

Committing a crime against a company who want to work for is not the smartest thing to do. :rolleyes: Don't want to see how he deals with girls he likes at school :D
Rating: 12 Votes
Avatar
Jetfire
5 weeks ago
I want more details. Was this actually hacking? Or was it just phishing or other social engineering unauthorized access? What did he get? Customer data? if so was it encrypted? Or did he just get Apple data? Like iOS or internal Data?
Rating: 12 Votes
Avatar
Xgm541
5 weeks ago

Hmm last time I checked my bank and Amazon have not been hacked yet.. these kids are not ‘wicked intelligent’ they are criminals, thief’s that steal on mass and then sell the information on, or use it for blackmail, they pick in weak systems, they should be thrown in jail for life, send a message to Therese idiot criminals.

It’s always if question if a company choosing NOT to spend enough in security if it’s hacked, perhaps you don’t remember the Sony PlayStation Network fiasco, all because they did security on the cheap.
I bet if you speak with security experts they’ll blame Apple.



Still a form of hacking.
[doublepost=1534419377][/doublepost]

So the stars that sued Apple over their accounts being ‘hacked’, because it was still a form of hacking, are fake news are they?

You can't give your password to someone and complain you got "hacked" lol.
Rating: 10 Votes
Avatar
decafjava
5 weeks ago

Hmm last time I checked my bank and Amazon have not been hacked yet.. these kids are not ‘wicked intelligent’ they are criminals, thief’s that steal on mass and then sell the information on, or use it for blackmail, they pick in weak systems, they should be thrown in jail for life, send a message to Therese idiot criminals.

It’s always if question if a company choosing NOT to spend enough in security if it’s hacked, perhaps you don’t remember the Sony PlayStation Network fiasco, all because they did security on the cheap.
I bet if you speak with security experts they’ll blame Apple.



Still a form of hacking.
[doublepost=1534419377][/doublepost]

So the stars that sued Apple over their accounts being ‘hacked’, because it was still a form of hacking, are fake news are they?


Pay attention, if a thief steals a key to a safety deposit box cause you left it around in a public place then gains access to the bank (I know now ID is demanded etc.) then it isn't the bank's fault but yours. If the thief manages to crack the safe then the bank is at fault. In both cases the thief is going to jail and no one here is praising the hacker.

The Hollywood folks who sued wanted to cover their own neglect.
Rating: 10 Votes
[ Read All Comments ]