Categories
Apple

Not Apple iCloud hack: Jennifer Lawrence leaked nudes obtained through phishing

IA - TIME

Back in September 2014, nude photos of celebrities including those of award-winning actress Jennifer Lawrence, Kirsten Dunst, Rihanna, Kate Upton were leaked online. Apple’s iCloud service was blamed for the photos that were circulating in 4Chan’s /b/ thread (NSFW).

A 4chan user purportedly responsible for the original ‘hack’ revealed a master list of all celebrities that were hacked. Some forummers requested bitcoins and PayPal donations for access to explicit photos and videos of celebrities.

Actress Kirsten Dunst was also a victim of the alleged iCloud hack and she subsequently (sarcastically) thanked Apple in a tweet, “Thank you iCloud” with emoticons that translated into “piece of shit.”

Rihanna and Kim Kardashian later became victims of the heinous crime, as well.

The crime caught the attention of the FBI, who investigated the allegations of the hack and unlawful release of private material involving high profile people.

It looks like Apple is officially off the hook, though the company quickly patched a security hole in iCloud that could have allowed users to brute force a user’s account password using a Python script, back when the leaks were reported.

Today, hacker Ryan Collins pleaded guilty to stealing nude photos – including those of Jennifer Lawrence – from Apple servers.

The FBI found the hack didn’t involve brute-forcing or password cracking, but instead via social engineering means, in the form of phishing.

Court documents revealed that Collins’ victims fell prey to phishing scams. The hacker allegedly sent emails to victims that appeared to come from Apple and Google. They ‘warned’ victims that their accounts were compromised and subsequently asking them for their login details. Alarmed, victims would then enter their password information.

iCloud hack master list
  • Save
Credit: Buzzfeed

After gaining access to email address details, he was able to download email, and gain access to other files and services such as iCloud.

Prosecutors found he accessed more than 120 different Gmail and iCloud accounts, most of which belonged to female celebrities, between 2012 to 2014. He is currently being tried for a “felony violation of the Computer Fraud and Abuse Act.” Collins will face a statutory maximum sentence of five years in federal prison.

Oddly, he isn’t being tried for uploading images online.

Related stories

Investigations by the FBI are still ongoing.

Source: 9to5Mac, TechCrunch

Advertisements
IA - TIME

By Vernon

Vernon is the founder and chief editor of Vernonchan.com. A graphic designer by profession, he has a deep love for technology, cars, gadgets, food, and travel. He tweets too much and is also known as a caffeine bacterium ("life's too short for bad coffee"). Bleeds Blue (go Chelsea FC!) and considers BMW, Porsche, Alfa Romeo cars to have in the garage--for true petrolheads, that is.