Alleged Foxconn hack allowed bogus orders to be placed for vendors

[InfoSec News <alerts () infosecnews org>]

http://www.appleinsider.com/articles/12/02/09/alleged_foxconn_hack_allowed_bogus_orders_to_be_placed_for_vendors.html

By Josh Ong
Apple Insider
February 9, 2012

A "Greyhat" hacking group announced this week that it had successfully 
hacked contract manufacturer Foxconn and released usernames and 
passwords for vendors that could be used to place fraudulent orders for 
companies like Apple and Microsoft.

Swagg Security published a statement on Wednesday taking credit for 
hacking the company's servers. The group cited "the hilarity that ensues 
when compromising and destroying an infrastructure" as the reason for 
its actions.

They did, however, also state that they were "considerably disappointed" 
with the inhuman working conditions at Foxconn and were also "slightly 
interested in the existence of an Iphone 5," but they denied that those 
were reasons for their hack.

"We aim to to reshape your perspectives, our perspectives, by the 
inducing of entertainment. A unique approach to spreading a unique 
philosophy which brings the sought after tranquility. In a way we are 
"hacktivist", but in our own views we are Greyhats," the group wrote.

Swagg Security alleged that it had bypassed Foxconn's firewall "almost 
flawlessly." Using several hacking techniques and a couple of days time, 
the hackers reportedly dumped "most of everything of significance," 
including usernames and passwords. According to the group, the leaked 
passwords "could allow individuals to make fraudulent orders under big 
companies like Microsoft, Apple, IBM, Intel, and Dell."

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn