The Apple website was hacked by Russian hackers last night, the section dedicated to developers seems to be the most affected by this problem. Apple closed the developer portal on its website for a few hours last night without announcing what it was doing apart from saying it was for maintenance work, but the developers themselves discovered the source of the problem.
The developers of applications for iPhone and iPad have discovered some changes in the accounts that they have a porta, realizing that the addresses of the accounts have been changed with some from Russia. Moreover, they stated that various people whose accounts are Russian were added to the accounts, so we are clearly talking about a hack made by the Russians, and the Apple company spent last night solving it.
Apple did not provide details about the problem, but a vulnerability discovered in the software used for its website was resolved yesterday through a security patch. The vulnerability allows unsigned code to run on Apple's servers and is speculated to have been exploited by the Russians on the very day the patch was released, so Apple engineers spent last night applying that patch and reinstalling backups for account information.
Apple is keeping the details of last night's problem a secret and it is unlikely that in the following days it will make any announcement about this separately from the maintenance issues. If Russian hackers exploited the vulnerability that was covered today by that security patch, then it is possible that they also gained access to developer account data, and Apple should disclose this.
UPDATED: Apple offered a short message to the press in which it claims that its website was not hacked by hackers.
"Due to a bug in our account management application, your address information was temporarily displayed incorrectly in your account details on the Apple Developer website. The same incorrect address was displayed to all affected developers. The underlying code-level bug was quickly resolved and your address information now shows correctly. There was no security breach and at no time were the Apple Developer website, applications, or services compromised; nor were any of your Apple Developer membership details accessed by, shared with, or displayed to anyone.”
All my teams on Developer Member Center at @apple is registered in Russia. nice pic.twitter.com/kyYyRyLTR7
- Dal Rupnik (@TheLegoless) September 6, 2017
It looks like @Apple Developer accounts got hacked! All the profiles list this Russian address under membership, Check your profiles pic.twitter.com/4OxhpakgPy
— Kais Karim (@Kaiusee) September 6, 2017
https://twitter.com/geekable/status/905547166441144320
