Is Ibrahim Balic Behind the Apple Dev Center Hack? Maybe Not.
Balic, an independent security researcher, believes he is. And the timing and some of the data he has offered up in support of that claim does line up with the narrative so far.
But is he really the “intruder” that Apple says attempted to pilfer the personal information of its registered developers?
That’s a question only Apple can answer. But it’s unclear for now whether Balic is indeed the perpetrator; Apple’s response to the breach suggests a serious intrusion by nefarious players and not an altruistic Whitehat hacker.
Consider: Three days of silence as the company assessed the breadth of the breach and worked out a response plan and the messaging to communicate it to developers. A Dev Center outage that continues to this day. Apple’s admission that the incident has caused it to completely overhaul its developer systems, update its server software and rebuild its entire database — remember, registered iOS and Mac developers number in the hundreds of thousands.
Do those moves really jibe with Balic’s conduct and his “I think it was me!” announcement and subsequent haphazard disclosures? Keep in mind: Right now, the only source attributing Dev Center’s temporary closure to Balic is Balic.
Finally, I got the expected response from Apple, I'm happy now. I do not want people to provoke this matter. pic.twitter.com/IEGgeNX6F4
— ibrahim BALİÇ (@ibrahimbalic) July 23, 2013
Balic may have discovered a vulnerability in Dev Center and exploited it in a proof-of-concept exercise. He may even have found the very vulnerability that caused the fire drill at Apple last Thursday. But it’s hard to believe he’s the guy who forced the company to go to the mattresses and put Dev Center on lockdown. The severity of that response — one that is still ongoing — suggests more sophisticated attackers.
Asked if Ibrahim Balic was indeed responsible for the hack, an Apple spokesman declined comment. Asked explicitly if the company knows the identity of the hacker responsible for the intrusion, a company spokesperson replied, “We cannot comment on that yet.”
There’s not much room to read between the lines there. That said, the fact that Apple answered the second question but not the first — and did so with a “We cannot comment on that yet” — suggests to me that the company hasn’t fingered Balic as the author of the hack to which it has been responding.
More to come soon, hopefully.