An Australian teenager who pleaded guilty to break into Apple’s private systems multiple times over several months and download some 90GB of secure files has avoided conviction and will not serve time in prison.
An Australian Children’s Court has given the now 19-year-old adult defendant, who was 16 at the time of committing the crime, a probation order of eight months, though the magistrate made him understand how serious his offence was.
The teen, whose cannot be named under a local law that protects the identity of juveniles, told the court that he hacked into Apple’s systems because he was a huge fan of the company and “dreamed of” working for the technology giant.
The “Hacky Hack Hack” Folder
The teen hacked into Apple’s servers not once, but numerous times over the course of more than a year—between June 2015 and November 2016, and in April 2017.
As soon as the tech giant detected his presence on their servers, it blocked him and contacted the Federal Bureau of Investigation (FBI), which took the help of the Australian Federal Police (AFP), who subsequently raided his home last year and arrested him.
The AFP also seized two Apple laptops, a mobile phone, and a hard drive that contained a folder named “Hacky Hack Hack Methods Exclude,” including 12 files on methods to infiltrate and bypass Apple’s security.
Australian investigators recovered 90GB of data “sensitive both from a privacy and commercial point of view,” including extremely secure authorised keys used to grant login access to users, as well as access multiple user accounts, that he copied from Apple’s systems.
Here’s How The Boy Hacked Into Apple’s Servers
According to the magistrate, the teenager exploited a virtual private network (VPN) to connect remotely to Apple’s internal systems, according to Bloomberg.
With the help of his friend, the teenager then sent a malicious script to the system which created a secure shell tunnel that allowed him to access systems and bypass firewalls and eventually enabling them to download data.
Apple reportedly detected the intrusion and blocked his access in November 2016, but the teenager regained access last year in April.
The teen was pleaded guilty to two charges in August this year, but no conviction was recorded against him since the magistrate told the court that he had shown remorse and had cooperated with law enforcement.
Instead of jail time, the defendant would only be given eight-month probation.
images from Hacker News