A prominent threat actor known as IntelBroker, notorious for orchestrating several high-profile data breaches, has now set its sights on Apple.

The hacker successfully leaked the company’s source code associated with several internal tools, announcing this development through a post on the dark web.

According to reports from IntelBroker, the iPhone maker experienced a significant security breach, leading to this exposure. The threat actor claims to have obtained the source code for various internal tools, including AppleConnect SSO and AppleMacroPlugin.

While details about these tools are scarce, it is known that AppleConnect SSO is a system used for authentication, allowing employees to access specific applications within the network.

These systems are integrated with the company's database, providing a secure form of access to its resources.Within iOS, apps launched by employees can use AppleConnect SSO for login purposes, where users set up patterns instead of passcodes for easier access.

The threat actor has not provided further details, but it is speculated that this data might be for sale, although this remains unconfirmed. Importantly, such breaches are localized internally and do not affect the company’s customer data.

A source familiar with these matters noted that dark web forums have strong vetting processes to filter out scammers attempting to sell leaked content. However, IntelBroker has managed to navigate these processes and has a reputation for successfully doing so.

This group has a history of hacking attempts, including attacks on American governmental institutions and websites, demonstrating its capabilities. Apple has yet to release a statement regarding this breach and the theft of its source code.