Teenage Apple Hacker Avoids Prison TimeHacker Who Kept 'Hacky Hack Hack Methods' Folder on His Computer Gets Probation
An Australian man who as a teenager managed to infiltrate Apple's networks and do it again after the company managed to expel him has been sentenced to eight months of probation, according to news reports.
See Also: The Evolution of Email Security
The Melbourne-based man, now 19, has not been named because the offenses occurred when he was a minor. He pleaded guilty to two charges in a children's court, according to Bloomberg, and no conviction will be placed on his record (see Australian Teenager Pleads Guilty to Hacking Apple).
The man was charged with unauthorized modification and possession of data, a spokesman for the Australian Federal Police tells Information Security Media Group. During a hearing Thursday, a magistrate said the first charge carried a maximum sentence of 10 years, and the second one, two years, Bloomberg reports.
At the hearing, the magistrate said: "Your offending is serious. It was sustained, sophisticated and a successful attack on the security of a major multinational corporation," Bloomberg reports.
The Age reports that the man's father wiped away tears after the probation order was read.
The 19-year-old man has been accepted into a university and plans to study criminal justice and cyber safety, according to news reports.
Apple tells ISMG that personal data was not compromised in the intrusions.
"At Apple, we vigilantly protect our networks and have dedicated teams of information security professionals that work to detect and respond to threats," the company says in a statement. "In this case, our teams discovered the unauthorized access, contained it, and reported the incident to law enforcement."
How Hacker Bit Apple
Apple is likely one of the most well-defended companies in the world, but no company is impervious to all attackers. Furthermore, Apple is likely one of the most targeted organizations because of its ubiquitous iPhone and other products.
In the case of the Australian teen hacker, the court heard that his first intrusion campaign ran from June 2015 to November 2016. The magistrate said at the man's sentencing that he "exploited a virtual private network used by authorized people to connect remotely into Apple's internal systems," Bloomberg reports.
After police raided the teen's home, they recovered two Apple laptops and a hard drive that contained a folder labeled "Hacky Hack Hack Methods Exclude." The folder contained "12 files on methods to infiltrate or bypass Apple's security," Bloomberg reports.
The hacker was able to launch a shell on Apple's systems, which enabled him to quickly remove data, including copies of internal security policies and authentication keys, Bloomberg reports. All told, the stolen data amounted to 1 terabyte.
Apple identified and shut down the attack in November 2016. But the man - as well as a second person who has not been named in court, but who also appears to have been a teenager - regained access last year.
The Age reported on Aug. 16 that in WhatsApp chats, the teen Apple hacker from Melbourne had bragged about gaining access. A lawyer for the defendant told the court that day that his client had become renowned in the international hacking community.
Police Pursue Second Suspect
The 19-year-old defendant cooperated with investigators and showed remorse to the court for his actions, the magistrate said, according to Bloomberg.
Australian police continue to investigate the Apple intrusions. A brief of evidence related to a second teenager has been sent to the Office of the Commonwealth Director of Public Prosecutions, the Australian Federal Police spokesman says.