Alleged Hacker Claims to Sell Access to Apple’s Internal Tools

Apple GSX Leak

A hacker claims that he has access to Apple’s internal tools which provides him with account information of Apple customers. The hacker has been showing off that he has access to the tools on Twitter by posting various screenshots. The tool is apparently Apple’s Global Service Exchange GSX) system which is primarily used by authorized staff to handle after-sales support for customers.

ZDNet’s Zack Whittaker gave the hacker an Apple Watch serial number to test his claims. He then provided him with details about the watch including its model, series, and type, though the screenshot mentioned that the Apple Watch was out of warranty which was incorrect.

https://twitter.com/XCoder8/status/1002753836027711489

The hacker claims he sells access to Apple’s confidential GSX system to at least 20 people every day using a private exploit which allows him to obtain usernames and passwords. However, a ZDNet source claimed that the hacker has access to a test version of the GSX tool which is only used for development, and it does not pose any threat to user data.

“It contains mainly dummy data,” the source said, and likely why the system returned a valid device information but otherwise incorrect or missing account data. The system no longer returns real account or warranty data, the source said.

Nonetheless, it is still unclear how the ‘hacker’ managed to gain access to a test version of Apple’s internal tool. On the positive side though, the tool now no longer returns any real user data so it does not pose even the slightest risk to user data in any way now.

[Via ZDNet]

Like this post? Share it!