updated 03:05 pm EDT, Wed May 3, 2006
Apple Store hacked
Apple's new "Get A Mac" ad campaign may be defending the Mac OS operating system, but the company suffered an embarrassing security setback as the Korean-localized version of its online Apple Store was hacked last Thursday. The Web-based store, which runs Apple's own WebObjects and Apache on Mac OS X, was defaced earlier today, according to Silicon.com. "The defacement - which took the form of a dozen lines of code posted to the apple.co.kr homepage - was documented on hackers' forum zone-h.org, which said Dinam attacked a Mac OS X server running Apache," according to the report. Although Apple promptly removed the defacement and has since resumed normal operation, the company refused to comment on the attack.
It is unclear whether the hacker used an already known or previously patched exploit or whether he was able to find a security flaw. Apple has patched Mac OS X several times in the last month, which includes offering fixes for Apache flaws.
Although the Turkey-born hacker was after little more than "self-gratification" through vandalising the site, one security expert believes that Apple should be proactive with its customers and offer some details on what happened--both to end speculation and alleviate any future security concerns.
Jason Hart, CEO of security company Whitehat UK, told Silicon.com that "the worst thing Apple can do is not tell customers what has happened. It's like all the big companies though - they're constantly having to defend themselves as they're being probed all the time."