Apple has reportedly been the target of a data breach that resulted in a hacker stealing the source code of its internal tools. A group of threat actors calling themselves “IntelBroker” has claimed responsibility for stealing the source code of three internal tools commonly used by the tech giant. IntelBroker has reportedly posted the details of the breach on a dark web forum, weeks after the hacker group also claimed to have breached AMD's website.
According to a post on X (formerly known as Twitter) by Dark Web Informer, IntelBroker cracked and stole the source code of three internal tools used by Apple employees: AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin .
A screenshot of the hacker's dark web forum post (tap to enlarge)
Photo credit: X/ @DarkWebInformer
Although there is no information about two of these three tools, a 9to5Mac report reveals that AppleConnect-SSO is an authentication system used by Apple employees. It allows employees to access specific applications on the Apple network and is designed to integrate with the company's directory services database.
According to the publication, Apple employees used the system to securely access internal company resources. The tool is also reportedly integrated into the Concierge app, which is used by Apple Store employees.
The dark web tracker shared a screenshot from the dark web forum BreachForums, where in a post, the hacker group said: “I am releasing the internal source code to three of the commonly used tools from Apple for its internal site, thanks for reading and enjoying it.” IntelBroker did not share any other details about the breach, nor is it clear whether the source code is being offered for free or sold by the group.
In particular, dark web posters often claim to have hacked the databases of major tech companies in an attempt to sell fraudulent data and make a quick buck. It's hard to say whether the Apple hack is one of those cases, or if the company actually suffered a cyber attack. Gadgets 360 has been unable to verify these claims. We've reached out to Apple for comment on the story and will update this article when we hear back.
Separately, a report from BleepingComputer reveals that the same threat actor also claimed to have stolen AMD employee information, financial documents and confidential information after hacking the company's website. AMD has now told the publication that it is investigating the claim.
