Apple Developer site goes down and some users are fearing a hack

Some developers say accounts changed to point to Russian address.

Apple Developer site goes down and some users are fearing a hack

As Mac Rumours reports, Apple's Developer Center (developer.apple.com) went unexpectedly offline for a few hours earlier tonight.

That's obviously a nuisance for any coder, but what really put the cat amongst the pigeons were tweets by some developers that prior to the downtime, their developer account profiles had been updated without their permission, pointing to an address in Russia.

Is this a malicious hack or some more down-to-earth internal goof that has caused some Apple developers to see the wrong contact information on their profile?

Probably only Apple can answer that question with certainty, but it's important to note that even if some accounts were compromised to have a postal address of "Saint Petesburg" (sic), that's a different scale of threat from there being an inherent vulnerability in the Apple Developer portal that could be exploited on a grand scale.

I think everyone should be careful about leaping to the conclusion that a site has been hacked, because - without the right evidence - it can lead to panic and poor decisions being made. It's all too easy with social media to throw a snowball and for it to grow into an avalanche.

AppleHopefully Apple will be able to shed more light on what happened (and what didn't happen) in the coming hours.

What they won't want is the kind of kerfuffle we saw four years ago when a Turkish security researcher claimed to have found a flaw in the Apple Developer Centre site that allowed him to retrieve information on more than 100,000 users.

At least this latest problem has come to light now, rather than next week when Apple will take to the stage in California to announce an array of new products, including the iPhone 8. Imagine how much more of a nuisance that would have been.

Update: Apple has blamed the incident on a software bug.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, , ,