On Friday, Wired author Mat Honan recounted the tale of how his iCloud account was hacked which resulted in his iPhone, iPad and MacBook Air getting far flung wiped.
the purpose of entry seemed to be his iCloud account which was once then used to gain get right of entry to to Gmail after which his and former-supplier Gizmodo’s Twitter money owed.
At four:50 PM, any person acquired into my iCloud account, reset the password and despatched the affirmation message concerning the reset to the trash. My password used to be a 7 digit alphanumeric that I didn’t use in other places.
…
The backup e mail address on my Gmail account is that same .mac email address. At four:fifty two PM, they despatched a Gmail password restoration email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had modified.At 5:00 PM, they far flung wiped my iPhone
At 5:01 PM, they faraway wiped my iPad
At 5:05, they far flung wiped my MacBook Air.a few minutes after that, they took over my Twitter. as a result of, a very long time ago, I had linked my Twitter to Gizmodo’s they have been then able to gain entry to that as smartly.
Honan wasn’t totally certain how the hackers had gotten get admission to to his iCloud account. His bet was that that they had one way or the other brute-pressure guessed the password, while others speculated his password had been keylogged or used in another insecure carrier.
as it turns out, the hacker was once in a position to name Apple give a boost to and convince them they had been the user. From an replace to the unique blog publish:
i understand how it was performed now. established with each the hacker and Apple. It wasn’t password related. They bought in by the use of Apple tech strengthen and a few artful social engineering that allow them bypass security questions.
After convincing Apple enhance that they had been Mat Honan, the hacker had Apple reinforce alternate Honan’s iCloud password which gave them full get entry to. From there, they were in a position to function the far flung wipes on Honan’s gadgets the use of Apple’s find My iPhone service which offers far flung wipe as a security characteristic for misplaced gadgets.
As a slightly public determine, Honan may have been an more uncomplicated goal than the average iCloud person, but many customers might also have private knowledge publicly to be had on on-line services and products similar to facebook which may be used in a similar fashion. Forbes’ Adrian Kingsley-Hughes suggests that Apple “needs to tighten up security and come clean about what went fallacious right here.”
contemporary Mac and iOS blog stories
• Sketchy photographs of Claimed 'iPad Mini' Rear Shell convey No digicam hole
• Firemonkeys Previews real Racing 3 for iPhone and iPad
• Evernote adds Account Switching in update to Mac model
• Apple store iOS App updated With 'efficiency Enhancements' and iWork Preinstall option
• Key Apple Chip designer Jim Keller Returns to AMD
extra: persisted here