Apple has reportedly been the target of a data breach that resulted in hackers stealing the source code of its internal tools. A threat actor group named ‘IntelBroker’ has claimed responsibility for stealing the source code for three internal tools commonly used by the tech giant. IntelBroker reportedly posted details of the breach on a dark web forum, weeks after a hacking group also claimed to have breached AMD’s website.
According to a post on Dark Web Informer’s X (formerly known as Twitter), IntelBroker hacked and stole the source code of three internal tools used by Apple employees — AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin.
Screenshot of hacker’s dark web forum post (tap to expand)
Photo credit: X/ @DarkWebInformer
Although there is no information about two of these three tools, the 9to5Mac report reveals that AppleConnect-SSO is the authentication system used by Apple employees. It allows employees to access specific applications within Apple’s network and is designed to integrate with the company’s Directory Services database.
According to the publication, Apple employees allegedly used the system to securely access the company’s internal resources. The tool is also said to be integrated within the Concierge app, which is used by employees at Apple Stores.
Dark web monitoring shared a screenshot from the dark web forum BreachForums, where in a post the hacking group said: “I’m publishing the internal source code for three of Apple’s frequently used tools to their internal site, thanks for reading and enjoy .” IntelBroker did not share any other details about the breach. It is also unclear whether the source code is offered for free or for sale. by the group.
Notably, posters on the dark web often claim to have hacked the databases of major tech companies in an attempt to sell fake data and make a quick buck. It’s hard to say whether the Apple hack is one of those cases, or whether the company actually suffered a cyber attack. Gadgets 360 was unable to verify these claims. We’ve reached out to Apple for comment on the story and will update this article when we hear back.
Separately, a report from BleepingComputer reveals that the same threat actor also claimed to have stolen AMD employee data, financial documents and confidential information after hacking the company’s website. AMD has now told the publication that it is investigating the claim.
