The email addresses of more than 114,000 Apple iPad users have been exposed in a targeted hacking attack.
One of the key methods used in the recent Apple iPad hack was emulating an iPad via a browser. And you don't have to be a hacker/programmer to switch your user agent.
User Agent Switcher is a popular (more than 5M downloads) add-on for Firefox that allows you to switch your user agent very easily. Web developers use it to see how a page looks in other browsers (without having to install each and every one of them).
But there is a more sinister purpose that helped make the iPad hack work. Masquerading as another device can help you get a "free lunch":
* Get free WiFi – some networks have free WiFi for iPhone.
* Access content behind a “paywall” since some sites allow searchbots (such as googlebot) to view parts that ordinary users need to pay or register to see.
* And then, to get the email addresses of iPad users from AT&T, add an iPad entry to User Agent Switcher. As explained on thetabletblog.net, by changing your User Agent string (also referred to as spoofing), you can trick websites into thinking you are visiting them on an iPad.
All you have to do is copy and paste the following line of text into the User Agent field: Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10.
Ron Gula, CEO of Tenable Network Security (makers of Nessus), argued that any failure on AT&T's part was a lack of monitoring and alerting when the brute force queries began:
"AT&T may have had the world's best patching and security program and this box may have resisted penetration attempts from the best tools and attackers. However, the web service exploited to obtain the iPad user emails worked by design. If there was any failure on AT&T's part it was a lack of monitoring and alerting when the brute force queries began or not conducting a detailed enough risk assessment."
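As an added example (not from the original post or from AT&T), here is the kind of defender-side check Gula's point calls for: it parses web-server access logs and flags any client that walks many distinct IDs against a lookup endpoint in a short window. The endpoint path, client IPs and log lines are all constructed; note that the check keys on per-client request volume, so a spoofed User-Agent string gives the enumerator no cover.

```python
import re
from collections import defaultdict
from datetime import datetime

# Minimal parser for the combined access-log format (client IP, timestamp,
# request line, status, referrer, user agent).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec

def find_enumeration(lines, endpoint_prefix, window_seconds=60, threshold=20):
    """Return {client_ip: max_distinct_paths} for clients that requested at
    least `threshold` distinct paths under endpoint_prefix within any
    sliding window of `window_seconds`. The user agent is deliberately
    ignored: what the client claims to be is not a trust signal."""
    per_client = defaultdict(list)  # ip -> [(timestamp, path)]
    for line in lines:
        rec = parse_line(line)
        if rec and rec["path"].startswith(endpoint_prefix):
            per_client[rec["ip"]].append((rec["ts"], rec["path"]))
    alerts = {}
    for ip, hits in per_client.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans <= window_seconds.
            while (hits[end][0] - hits[start][0]).total_seconds() > window_seconds:
                start += 1
            distinct = len({p for _, p in hits[start:end + 1]})
            if distinct >= threshold:
                alerts[ip] = max(alerts.get(ip, 0), distinct)
    return alerts

def sample_log():
    """Constructed sample: 10.0.0.5 walks sequential IDs once per second against
    a hypothetical /lookup endpoint; 10.0.0.9 makes a single ordinary request."""
    fmt = ('10.0.0.{ip} - - [09/Jun/2010:12:00:{sec:02d} +0000] "GET {path} HTTP/1.1" '
           '200 512 "-" "Mozilla/5.0 (iPad; constructed-user-agent)"')
    lines = [fmt.format(ip=5, sec=s, path=f"/lookup?id=8901{1000 + s}") for s in range(30)]
    lines.append(fmt.format(ip=9, sec=0, path="/lookup?id=89012345"))
    return lines

if __name__ == "__main__":
    print(find_enumeration(sample_log(), "/lookup"))  # {'10.0.0.5': 30}
```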