Jennifer Lawrence

iCloud hack: Python script used to exploit Find My iPhone service

Jennifer Lawrence
This is what Jennifer would do to the hacker who leaked the photos.

Over the past 24 hours, the web has gone nuts over leaked photos of over 100 celebrities including of award-winning actress Jennifer Lawrence and Kirsten Dunst, purportedly due to an Apple iCloud breach. Following the much publicised leaks, reports has surfaced about a Python script on GitHub that may have allowed users to ‘brute force’ a user’s account password on iCloud due to a vulnerability in the Find My iPhone service.

A brute-force attack is in layman’s terms ‘forcefully and repeatedly guessing passwords’ in an attempt to discover the correct one, done via a malicious script.

Python iCloud
The little script that could.

A flaw in the Find My iPhone service may have let hackers use the brute-force method to guess passwords repeatedly without bing locked out, or for the user to be notified of such attempts. Once breached, the hacker can then use it to fully access all iCloud functionality.

Apple seemed to have patched the hole as of today. Apple, however, has not commented on the incident.

There is still no concrete evidence that the leaked photos were obtained specifically via iCloud.

Hackapp, the creator of the Python script said that he has not seen any evidence of the the tool being used to exploit the iCloud flaw but admitted “someone could use this tool.”

READ ALSO  Let Celcom deliver the iPhone X to you at midnight on 24 November

Are you an iCloud user? Have you secured your password? Do you know where you’re backing up your photos to?

Source: The Next Web, Image credit: Hypable

READ ALSO: iCloud hack: Nude photos of Jennifer Lawrence and celebrities exposed

READ ALSO: iCloud hack: Kirsten Dunst responds to leaked photos in Twitter

READ ALSO: iCloud hack: Python script used to exploit Find My iPhone service

READ ALSO: Celebrity photo leaks continue as Rihanna and Kim Kardashian become latest victims

READ ALSO: Apple on celebrity photo leak: Not iCloud/Find my iPhone breach

READ ALSO: Not Apple iCloud hack: Jennifer Lawrence leaked nudes obtained through phishing

  • Show Comments

Your email address will not be published. Required fields are marked *

comment *

  • name *

  • email *

  • website *

This site uses Akismet to reduce spam. Learn how your comment data is processed.