Hacker Leaks Claimed Apple Internal Software Development Tools

The notorious threat actor and data broker “IntelBroker” has claimed responsibility for a data breach at Apple, announcing the leak of internal source code for three of the company's internal tools on BreachForums. While Apple has not confirmed the breach, the detailed post on the forum suggests significant exposure of sensitive information.

IntelBroker posted the following message on BreachForums yesterday:

“Today, I'm releasing the internal source code to 3 of Apple's commonly used tools for their internal site, thanks for reading and enjoy!”

The exposed tools are:

• AppleConnect-SSO
• Apple-HWE-Confluence-Advanced
• AppleMacroPlugin

The ‘Tree' structure shared as a sample provides an in-depth look at the contents of these tools, indicating a significant amount of proprietary information has been exposed.

For Apple-HWE-Confluence-Advanced, there are JavaScript files, CSS files, images (png and svg), and directories. For AppleConnect-SSO, there are key modules like ‘ConfluenceSSORedirect' and ‘jira-auth,' as well as various license files, configuration files, templates, and source files. Finally, AppleMacroPlugin has Java files, resources (templates, UI elements, JS code, CSS), and various readme and XML files.

IntelBroker, who just yesterday claimed another high-profile breach against chip maker AMD, currently under investigation, has opted not to sell the Apple data on BreachForums, but instead give it away to anyone paying the nominal cost of 8 credits, roughly $2.

If verified, this breach could have serious implications for Apple. The exposure of source code for internal tools such as AppleConnect-SSO could provide attackers with valuable insights into the inner workings of Apple's authentication systems, potentially leading to exploitation and unauthorized access. Leaked information about Apple's internal tools could disrupt its internal operations, requiring significant resources to review, update, and secure affected systems.

Ultimately, a breach of this nature would harm Apple's reputation, undermining customer trust and confidence in the company's ability to safeguard its data and systems.