Info@NationalCyberSecurity

The Blurred Lines of Ethical Hacking


In a twist of events that encapsulates the complexities of the cyber world, a San Francisco man named Noah Roskin-Frazee, lauded as a security researcher, finds himself on the wrong side of the law. Roskin-Frazee and an unnamed co-defendant stand accused of defrauding tech giant Apple of approximately $2.5 million in gift cards and products, in a scheme that reportedly spanned from December 2018 to March 2019.

The Alleged Scheme

According to the indictment, the duo exploited a password reset tool to gain access to an employee account from a third-party company that provided customer support to Apple. Using the stolen credentials, they managed to infiltrate Apple’s VPN servers and its Toolbox program, where they altered orders to reduce costs to zero and added products like iPhones, MacBooks, and gift cards at no charge.

The fraudulent activities extended to shipping items to fake addresses and extending service contracts for acquaintances. In total, over $3 million was targeted through more than two dozen orders, with the successful acquisition of approximately $2.5 million in gift cards and over $100,000 in products and services.

The Unlikely Acknowledgment

In a surprising turn, Apple publicly thanked Roskin-Frazee in a security update for identifying vulnerabilities in its products, despite his arrest. This post-arrest acknowledgment raises questions about the intricate dynamics of cybersecurity and corporate relations.

While the indictment does not explicitly name Apple, it references a company headquartered in Cupertino, California, that develops, manufactures, and sells consumer electronics and services. The connection to Apple is further solidified by the mention of the company’s Toolbox program, a proprietary system used for customer support and order management.

The Potential Fallout

If convicted, Roskin-Frazee and his co-defendant could face severe penalties. The Criminal Division of the U.S. Department of Justice has taken up the case, signaling the gravity of the situation. The case serves as a stark reminder of the blurred lines between cybersecurity research and cybercrime, and the potential consequences of crossing them.

As the legal proceedings unfold, this story underscores the delicate balance between corporate interests, cybersecurity, and ethical hacking. It also highlights the need for clear guidelines and robust systems to prevent the exploitation of vulnerabilities in the digital realm.

In the ever-evolving landscape of technology and cybersecurity, this case offers a glimpse into the complex interplay of human ambition, corporate power, and the relentless pursuit of knowledge. As the world becomes increasingly interconnected, the lessons from this case may serve as a cautionary tale for all those navigating the murky waters of cyberspace.
