Ransomware attack on Apple repair partner causing delayed repairs, lost products

Posted:
in General Discussion
Apple depot repair vendor CSAT Solutions has been hit with a ransomware attack that calls its overall security into question -- and is causing extended mail-in repair times and in some cases lost customer hardware.

CSAT Solutions hit with ransomware attack causing hiccups in Apple repair pipeline
CSAT Solutions hit with ransomware attack causing hiccups in Apple repair pipeline


The attackers provided screenshots of internal tools used by CSAT and posted screenshots of computer directories online. The attack appears to be directly on CSAT and not on the computers being repaired at the facility.

In order to rectify the situation and ensure consumer hardware was not impacted by the attack, repair times have been be extended to perform additional checks. Anyone who has shipped their Mac to Apple within the last two weeks could be affected by the delay.

Only thing you can do is be very patient with the situation, deal with more CRU's and pretty much deal with the customer backlash.

Personal opinion but it's highly likely this will continue (to some extent) into January 2021

-- Fudge (@choco_bit)


Known Apple leaker Fudge shared the details of the leak and shared concerns on Twitter. The leaker's connection with Apple Authorized Service Providers made them concerned over the security implications for Apple users. Fudge urges anyone receiving their computers from Apple repair to do a full DFU restart, though that may not be warranted. AppleInsider does concur with the leaker's advice to perform a clean install of the operating system for any returned device for the foreseeable future.

A report from iTWire details the attack, stating it was conducted using "NetWalker," an attack that only works on Windows. This means the attack should have only affected the CSAT systems and likely not the Macs they were working on.

Apple does use a variety of other depot-level repair facilities and does do some repairs in-house at Apple Stores, so not every repair will be affected. Apple is able to divert repairs to other facilities while those currently at CSAT are evaluated or replaced.

AppleInsider has reached out to Apple for comment.

Comments

  • Reply 1 of 10
    mac_dogmac_dog Posts: 1,069member
    And this is where quality control falls apart. Perhaps politicians should have their Apple products repaired by one of these chop shops first, then take a vote. 
  • Reply 2 of 10
    GeorgeBMacGeorgeBMac Posts: 11,421member
    But, this may be hard to avoid:   At least in my own Apple Store repair technicians were moved out of the stores to work from home on the online support system.  The result is that it takes a week just to get an appointment for your equipment to be looked at in the store.   I have no idea what the repair times may be -- they might be shipping them out anyway.
  • Reply 3 of 10
    Well... as someone who has gone through a really bad ransomware attack somewhat recently, I can only say good luck to those working on it. It suuuucks.

    But, at least for us, it totally changed our perspective on security. If they're anything like us (and they very well may NOT be) they'll be a much more secure company (IT-wise) in, say, a year.

    And if they're not, they'll get hit again. (I know of one company that got hit 3x in 8 weeks. It eventually sunk in...)
    watto_cobra
  • Reply 4 of 10
    sflocalsflocal Posts: 6,092member
    I have friends at two companies that got hit by ransomware.  One shop was down for three weeks and had minimal (if any) real IT support.  It was disastrous.  They did everything and anything to keep it from going public.  It's actually quite sad the lengths that some companies will go to hide the fact that they have little to no security of their data.  

    I don't think many companies do ever learn from this mistake.  Security is never a one-time solution.  It's a whack-a-mole game and one always has to be ready and plan for a never-ending barrage of attacks.

    GeorgeBMacwatto_cobra
  • Reply 5 of 10
    I guess I lucked out.  I had my MacBook Pro serviced (for the "stagelight" defect that finally hit me) and the turnaround was amazing.  I live in the DC area.  I had an appointment at a Virginia Apple Store for 5:45pm on Black Friday.  They shipped it to a repair depot in Memphis (called "Flex" apparently?) and I had it back in my hands (shipped to my home) Tuesday morning.  That's less than 2 business days.
    watto_cobra
  • Reply 6 of 10
    They shipped it to a repair depot in Memphis (called "Flex" apparently?)
    Formerly known as Flextronics, they are a large Singapore-based contract manufacturer/assembler/repairer. 
    GeorgeBMacrandominternetpersondysamoriawatto_cobra
  • Reply 7 of 10
    BeatsBeats Posts: 3,073member
    And iHaters complain that "greedy Apple" won't let everyone repair their products.

    Even with Apple management, problems still arise. Imagine if iKnockoff morons(who don't support Apple anyway) had their way and Uncle Joe or Neighbor Bob was running an Apple repair shop? Then they would complain that Apple doesn't care about their customers.
    GeorgeBMacDancingMonkeys
  • Reply 8 of 10
    dysamoriadysamoria Posts: 3,430member
    mac_dog said:
    And this is where quality control falls apart. Perhaps politicians should have their Apple products repaired by one of these chop shops first, then take a vote. 
    Chop shops? Did the article not indicate this is a company that services Apple customers FOR Apple?
  • Reply 9 of 10
    dysamoriadysamoria Posts: 3,430member
    Beats said:
    And iHaters complain that "greedy Apple" won't let everyone repair their products.

    Even with Apple management, problems still arise. Imagine if iKnockoff morons(who don't support Apple anyway) had their way and Uncle Joe or Neighbor Bob was running an Apple repair shop? Then they would complain that Apple doesn't care about their customers.
    What do any of your comments have to do with the article? Did it not indicate CSAT Solutions is an Apple partner?
  • Reply 10 of 10
    I guess I lucked out.  I had my MacBook Pro serviced (for the "stagelight" defect that finally hit me) and the turnaround was amazing.  I live in the DC area.  I had an appointment at a Virginia Apple Store for 5:45pm on Black Friday.  They shipped it to a repair depot in Memphis (called "Flex" apparently?) and I had it back in my hands (shipped to my home) Tuesday morning.  That's less than 2 business days.

    CSAT Solutions is Apple's "Houston" facility. "Memphis" was not affected by this attack. It's a different company and each depot location repairs different devices.



Sign In or Register to comment.