Apple Hacked. 27 Administrative Account Stolen

While the infamous hacking group LulzSec are done with their 30-days long campaign creating a havoc by hacking into several government and corporate websites, a new group of hackers who call themeselves “AntiSec”, are claiming to have hacked into one of the Apple’s servers using an SQL injection.

According to reports, it is expected that the group includes hackers from both Anonymous and LulzSec Security. Anonymous tweeted that they hacked one of the Apple servers and managed to steal 27 usernames and passwords. The document wih usernames, password and the server link was posted on Pastebin.

Apple Hacked by AntiSec

The hackers gained access to Apple’s severs due to a security falw in Apple’s software that is used by the Cupertino, California based gadget maker and other companies. However, the hacker group stated that they are focused elsewhere and there is nothing to worry about Apple as of now, but it could be target in the near future.

AntiSec posted that they managed to steal username and password from this server:

The hacked Apple’s servers is used for conducting technical support follow-up surveys. Currently the server is temporarily down:

Apple was earlier hacked by LulzSec during their month-long campaign. LulzSec posted that it had “mapped Apple’s internal network, thoroughly pillaging all of their servers, grabbed all their source code and database passwords,  which we proceeded to shift silently back to our storage deck.”

Some weeks ago, we smashed into the iCloud with our heavy artillery Lulz Cannons and decided to switch to ninja mode. From our LFI entry point, we acquired command execution via local file inclusion of enemy fleet
Apache vessel. We then found that the HTTPD had SSH auth keys, which let our ship SSH into other servers. See where this is going?

However, Apple has not yet confirmed the breach and we are not sure if these claims are true.

Sony Goes Down Again, This Time SQL Injection Takes Down SonyBMG

In what seems to be yet another set of never ending series of hacks, break-ins, Sony took another hit when the Greece website of it’s music division, SonyBMG was hit by SQL injection.

Sophos reports that an anonymous poster has uploaded to  a full user database, including the usernames, real names and email addresses of users registered on

After searching a bit, I found the relevant paste where the data was uploaded(I won’t link here, you should be able to find out) – but it would appear that about 8,385 rows of user data have been leaked.

If you’ve an account at, I recommend you change your password ASAP – else you might end up unknowingly spamming your entire contact list.