Monday, August 6, 2012

Holy crap...Apple fell for a simple social engineering hack.

This is eye-opening -- I'm so thankful I don't have an Apple account.

Apparently Apple's security policies are so lame, all you need to hack into someone's Apple .ME account is their email address, billing address and the last four digits of that person's credit card on file.  In other words, all you have to do is dumpster dive and you'll probably get the info you need to get Apple to help you hack anyone's account!


Of course this makes one wonder just how long people have been surreptitiously performing this simple social engineering hack.  There could be a lot of people with hacked accounts, but who have no clue, because...well...they're Apple fans who don't like complexity.

There are many permutations of schemes you could run, once you gain access to someone's account.  You could install malware, copy all their personal information stored on their devices, use their devices to send out spam, or collect illegal porn and then frame them for it, etc.

Scary.
