Mac OS X Hackers Can Steal Apple IDs in Just 10 Seconds

A Mac OS X vulnerability could give hackers access to someone else’s account

By on October 14th, 2012 07:44 GMT

Apple is yet to confirm this, but it appears that a Mac OS X vulnerability could allow hackers to access someone else’s Apple ID in just 10 seconds.

The guys over at shootitlive came across what seems to be a major security flaw that could be exploited by a hacker connected to the same Wi-Fi network as the victim.

The method is called “Session Fixation Attack” and basically comes down to using a previous browser session to extract private data and get access to an Apple ID.

This means that iTunes and App Store accounts can be compromised, as the hacker can change both the password and the email address.

Shooitlive says it has already informed Apple about the security flaw, but the Cupertino-based company has only replied with an automatic response.

1 Comment

Apple has already been informed of the flaw
   Apple has already been informed of the flaw