BSidesSF 2017 has ended
Back To Schedule
Monday, February 13 • 4:50pm - 5:20pm
The Underground Economy of Apple ID

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Apple ID is the keystone of all services and apps running on Apple platforms. It is the most important credential to access iCloud, to purchase apps or music, to talk with friends or families by Messages/FaceTime, to remotely manage iPhone and Mac, to synchronize our mail, photo, calendar and documents among devices and cloud. Since its extreme importance, Apple ID has become one of the most favorite goods in the underground market!

In this topic, we will present several real world attacks to or based on Apple IDs, affecting a huge number of users globally. Some of them even led to arresting and judgement. We are going to present our observations and investigations on these questions: 1) how could attacker grab large amounts of Apple IDs? 2) how could them make profit from those stolen Apple accounts (there are many ways!)? 3) what Apple have done and could do in further to mitigate the issue? 4) how can we protect ourselves by existing solutions?


Claud Xiao

Sr Distinguished Researcher, Palo Alto Networks

Monday February 13, 2017 4:50pm - 5:20pm PST
DNA Lounge