or Connect
AppleInsider › Forums › General › General Discussion › Alleged Foxconn hack allowed bogus orders to be placed for vendors
New Posts  All Forums:Forum Nav:

Alleged Foxconn hack allowed bogus orders to be placed for vendors

post #1 of 9
Thread Starter 
A "Greyhat" hacking group announced this week that it had successfully hacked contract manufacturer Foxconn and released usernames and passwords for vendors that could be used to place fraudulent orders for companies like Apple and Microsoft.

Swagg Security published a statement (via MacRumors) on Wednesday taking credit for hacking the company's servers. The group cited "the hilarity that ensues when compromising and destroying an infrastructure" as the reason for its actions.

They did, however, also state that they were "considerably disappointed" with the inhuman working conditions at Foxconn and were also "slightly interested in the existence of an Iphone 5," but they denied that those were reasons for their hack.

"We aim to to reshape your perspectives, our perspectives, by the inducing of entertainment. A unique approach to spreading a unique philosophy which brings the sought after tranquility. In a way we are "hacktivist", but in our own views we are Greyhats," the group wrote.

Swagg Security alleged that it had bypassed Foxconn's firewall "almost flawlessly." Using several hacking techniques and a couple of days time, the hackers reportedly dumped "most of everything of significance," including usernames and passwords. According to the group, the leaked passwords "could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell."

Foxconn administrators eventually took down services.foxconn.com, the hacking group noted on Twitter late Wednesday, quipping that one too many orders had been placed.

AppleInsider contacted Foxconn for confirmation that a security breach took place, but the company responded that it does not comment on matters of "internal network security."

Foxconn has been under scrutiny as of late after reports from The New York Times and CNN claimed the company is committing labor abuses against its workers. The backlash against the company are expected come to a head on Thursday when an activist group holds a demonstration outside of Apple's new Grand Central Terminal store and delivers petitions calling for Apple, one of Foxconn's biggest clients, and Foxconn to improve working conditions at the manufacturer's facilities.

[ View article on AppleInsider ]
post #2 of 9
Right. I'm sure it'll still be hilarious when you hacktivists are in jail.
post #3 of 9
Quote:
Originally Posted by LighteningKid View Post

Right. I'm sure it'll still be hilarious when you hacktivists are in jail.

It would be worth it if it stopped another ipad plant from having an explosion.

No matter what type of media...movies, music, books, photos and web pages

look better and sound better on the Kindle Fire HD and HDX than any iPad

Reply

No matter what type of media...movies, music, books, photos and web pages

look better and sound better on the Kindle Fire HD and HDX than any iPad

Reply
post #4 of 9
Quote:
Originally Posted by Russell View Post

It would be worth it if it stopped another ipad plant from having an explosion.

You probably mean well so I'm not going to reply to that.
You talkin' to me?
Reply
You talkin' to me?
Reply
post #5 of 9
Not a very secure choice of password Apple!
post #6 of 9
Quote:
Originally Posted by ascii View Post

Not a very secure choice of password Apple!

post #7 of 9
Quote:
Originally Posted by LighteningKid View Post

Right. I'm sure it'll still be hilarious when you hacktivists are in jail.

I can't understand how they can avoid jail time. They just publicly announced that they committed a felony.

And I don't care if they're unhappy with Foxconn's working conditions. It's illegal and wrong. No gray about it at all.

Jerks.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #8 of 9
Quote:
Originally Posted by ascii View Post

Not a very secure choice of password Apple!

It might explain why they leave encryption passwords in the open in their OS.

id: APPLE
pw: foxconn2

I imagine the 2 was only added after the signup said the password had to have at least one number in it.

Not that these login details would actually allow you to place a multi-million unit order of course. It's not like ordering pizza for someone where Tim arrives at the doors of Apple HQ to find a million boxes, saying to the courier 'I didn't order these'.

The best they could be used for is checking order progress on the next iPad but it seems they haven't leaked any meaningful info at all.

Quote:
Originally Posted by jragosta

I can't understand how they can avoid jail time. They just publicly announced that they committed a felony.

It's not like they are a registered, trading security company. The whole point is you don't know who they are.
post #9 of 9
it's not Greyhat - the original statement was that they are Asshats.

I am quite sure there are plenty of folks do are unable to see the hilarity in an security breach.

And regardless of their intention the outcome may include consequences that they did not anticipate.

Oh the whole it does not sound like a very serious problem (in terms of number of people affected, or any financial impact) - but should serve as a good wake up call to anyone who hears about it to review their own security policies.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Alleged Foxconn hack allowed bogus orders to be placed for vendors