Hackers Reset Former Gizmodo Writer's iCloud Password Via Apple Tech Support

[Phillip Swanson]

Friday’s Gizmodo breach by a group called Clan W3 is now being blamed on Apple’s iCloud and Apple tech support.

The breach affected former Gizmodo writer Matt Honan’s personal computers and social media accounts, which included access to Gizmodo’s official Twitter account. The hackers were able to access Honan’s iCloud account through some old-fashioned tech support manipulation.

“I know how it was done now. Confirmed with both the hacker and Apple. It wasn't password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. I'm back in all my accounts that I know I was locked out of. Still trying to figure out where else they were.” — Honan

The hackers were apparently able to reset Honan’s password with their “social engineering” and access Honan’s iCloud account. The group then proceeded to wipe Honan’s iPhone, iPad, and MacBook Air. Honan first noticed something was amiss when his phone restarted while playing with his daughter. Honan attempted to connect his phone to his laptop when he noticed his Gmail account wasn’t syncing with Calendar. Honan checked his iPad, and it too was wiped clean.

Moral of the story? Better security questions, better passwords, and less oblivious tech support.

Source: Matt Honan's Tumblr [CNET]

[harmycl]

Yes, it's funny how everything is more and more tied to your email account,
if a hacker gets in, he can reset your Twitter and facebook account password and gain access to them as well,
so he can upload all sorts of stuff to your social networks.
He can access your Dropbox or other online file storage you might have for your precious files.
And he can wipe all your iDevices.

Pretty nasty if you ask me.

Security questions are a JOKE! Like you are the only one that knows your mother's place of birth, or your fathers name???
Oh my god...

[bigboyz]

Yikes! That is a horrible feeling im sure.

[mmaboi21]

Man that sucks:/

[Dark_Ninja]

Ummm this would be a basic virus wouldn't it? No it's not a computer program but all a virus is something that can negatively access your personal stuff I guess it's a human form virus but oh, a lot of people think Apple products can't get viruses.. Haha so naive children.

[mmaboi21]

Ummm this would be a basic virus wouldn't it? No it's not a computer program but all a virus is something that can negatively access your personal stuff I guess it's a human form virus but oh, a lot of people think Apple products can't get viruses.. Haha so naive children.

I guess this proves them wrong

[Dark_Ninja]

I guess this proves them wrong

Haha it shows that you need to tighten up on ur passwords and dont choose the where were u born security question lol. And it proves apple needs to tighten up their tech support. And people need to realize that as apple gets more popular they will be targeted a lot more for this and other types of virus attacks.

[Mrteacup]

Ummm this would be a basic virus wouldn't it? No it's not a computer program but all a virus is something that can negatively access your personal stuff I guess it's a human form virus but oh, a lot of people think Apple products can't get viruses.. Haha so naive children.

By virus people dont mean the direct definition. We are talking about malware. Downloaded malware. Apple products aren't invulnerable to malware hell were on a jail breaking based website. However apple products are far more secure.

Also NOTHING is completely invulnerable to a virus by this definition. And a virus is actually a hidden program that duplicates itself and negatively effects it.

The fact you chose this article to use as an example of a virus makes you look naive. Customer support is far less of a virus compared to Trojan flashback.

This is a feature of apple products not a virus. Being able to wipe your products is a feature apple intended to have its not a clever program written by hackers.

[patoons]

Security questions are a JOKE! Like you are the only one that knows your mother's place of birth, or your fathers name???
Oh my god...

lol that's why u don't answer security questions truthfully. if your mom was born in NYC, put Tokyo and just remember that u did that should u need to recall.

[Dark_Ninja]

By virus people dont mean the direct definition. We are talking about malware. Downloaded malware. Apple products aren't invulnerable to malware hell were on a jail breaking based website. However apple products are far more secure.

Also NOTHING is completely invulnerable to a virus by this definition. And a virus is actually a hidden program that duplicates itself and negatively effects it.

The fact you chose this article to use as an example of a virus makes you look naive. Customer support is far less of a virus compared to Trojan flashback.

This is a feature of apple products not a virus. Being able to wipe your products is a feature apple intended to have its not a clever program written by hackers.

Umm you realize the problem is that Apple products just seem more secure because they aren't a highly targeted OS right now because not everyone has one but that's changing my friend and btw I'm far away from being naive.

[mmaboi21]

I agree with your reply to me and that apple isn't highly targeted ATM but you have to give credit to the locked down IOS. If it were not for jailbreaking most people wouldn't be able to get in.

[Micturition]

Thats why i have 4 emails. All incrementally important.
1 Bank
2 School and work and some online shopping
3 Personal and more online shopping
4 Anything thats probably spam
All different passwords that have never been written (or typed) that i will never forget
And of course good security questions and answers

[raduga]

the vulnerability here wasn't in Apple's OS, folks.
the "hacker" exploited the Genius Bar to get in.

This particular problem shows up when you trust "geniuses" with your personal stuff.
I don't.

(not even Steve Jobs)

[Dark_Ninja]

the vulnerability here wasn't in Apple's OS, folks.
the "hacker" exploited the Genius Bar to get in.

This particular problem shows up when you trust "geniuses" with your personal stuff.
I don't.

(not even Steve Jobs)

You are right

[JimboHurt]

Edit

[AKCHRIS]

LOL..thats why i make a copy of my Passwords...& my security questions are usually tuff anyway and i have to reset them because I forget from time to time. But..it just goes to show you people need something constructive to Do besides hacking peoples account's because they have nothing better to Do.

[kalpesh78]

Ummm this would be a basic virus wouldn't it? No it's not a computer program but all a virus is something that can negatively access your personal stuff I guess it's a human form virus but oh, a lot of people think Apple products can't get viruses.. Haha so naive children.

That's a misconception about apple products. People should know that apple products do catch viruses like any other operating systems, the only difference is that there are far fewer viruses than PCs.

In their words: Experts weigh in on Mac vs. PC security | InSecurity Complex - CNET News

[Gamemaster77]

And a virus is actually a hidden program that duplicates itself and negatively effects it.

Actually that's called a computer worm. A virus is malicious code that attaches itself to other legitimate programs, hence the "infecting" analogy.

[GmAz]

the vulnerability here wasn't in Apple's OS, folks.
the "hacker" exploited the Genius Bar to get in.

This particular problem shows up when you trust "geniuses" with your personal stuff.
I don't.

(not even Steve Jobs)

So will they finally stop calling those morons geniuses? Half the time, they just restore the device and call it fixed. If it doesn't power on, they replace it.

[bradmullins007]

Thats why i have 4 emails. All incrementally important.
1 Bank
2 School and work and some online shopping
3 Personal and more online shopping
4 Anything thats probably spam
All different passwords that have never been written (or typed) that i will never forget
And of course good security questions and answers

Just curious but I have to ask....How is it that you've never typed your password?