Mystery continues to surround the nude celebrity iCloud hack

Sure, companies and governments get hacked all the time. But for the mainstream media to *really* take an interest, you need to add a twist of celebrity (preferably nude and female).

That’s what happened last year when the so-called Fappening saw the intimate and private photographs of scores of female celebrities and actresses, many of them topless or nude, leak onto 4Chan and the seedier corners of Reddit.

Famous names who had their privacy violated by the leak included Jennifer Lawrence, Kate Upton, Victoria Justice, Kirsten Dunst, Hope Solo, Krysten Ritter, Yvonne Strahovski, Teresa Palmer, Ariana Grande, and Mary Elizabeth Winstead, amongst many others…

But although anyone curious could now know the A-list starlets in much more intimate detail than they might ever have imagined possible, mystery shrouded the culprit or culprits who had perpetrated the actual hack.

A new report by online gossip blog Gawker may have given us a brief chink of light into what happened, although some mysteries remain.

Gawker has revealed a search warrant and affidavit, which show that the FBI has seized computers belonging to a Chicago man in connection with the hack.

And it appears that the documents back Apple’s claim that their iCloud service did not suffer a breach as such, but instead was the victim of a targeted attack after celebrities’ passwords and security questions were determined.

In the affidavit, FBI cybercrime special agent Josh Sadowsky says that an IP address assigned to one Emilio Herrera was “used to access approximately 572 unique iCloud accounts” between May 13 2013 and August 31 2014.

According to the statement, a number of the accounts accessed belonged to celebrities who had photos leaked online. In all, iCloud accounts were accessed 3,263 times from the IP address.

In addition, the IP address was used from a computer running Windows 7 to reset 1,987 unique iCloud account passwords.

Unsurprisingly, law enforcement officers visited Herrera’s house in Chicago and walked away with computers, phones, SD cards, and other devices that no doubt they planned to submit to forensic scrutiny.

In particular they would be interested in uncovering any evidence of activity which might suggest phishing, the usage of hacking tools or email forwarding.

But here’s where things get interesting.

According to Gawker, Herrera has not been charged with any crime and is not even considered a suspect at this point.

It would certainly be surprising if someone involved in such an industrial-scale account hijacking operation had not taken elementary steps to hide their true IP address. So is it possible that Herrera’s computers were being used by the hackers of nude celebs’ iCloud accounts without Herrera’s knowledge or permission?

If that is the case, then it’s yet another reason why all computer users need to learn the importance of proper computer security.

Keeping your computer protected with a layered defence and patched against the latest vulnerabilities reduces the chance of a remote hacker gaining control of your PC.

Because the very last thing you want is to be implicated in a crime that you didn’t commit, because hackers have been able to commandeer your computer for their own evil ends.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

3 Comments

  • “According to Gawker, Herrera has not been charged with any crime and is not even considered a suspect at this point.”

    Well whether he did it or not, whoever did do it will ultimately be found in time (if it is pursued until otherwise) and they’ll be in a lot of trouble, given the fact they’re logging in to that many accounts they are not authorised to log in to… Hopefully they feel the legal trouble they will ultimately face, is worth it to invade others’ privacy (which let’s be honest: spam invades privacy, not only how the addresses are usually obtained, but the actual spam itself), to have the experience of seeing those pictures and allowing others to also see the pictures. That is especially true if they are charged with each breach individually (and why should it be only one? If someone robs two banks then they are guilty of robbing two banks). Because 3263 logins is bad enough, but to actually reset the passwords of 1987 accounts is even worse; that is a lot of compromised accounts. Yet I also question the intelligence (I’ll ignore the lack of ethics and morals for the former because they clearly don’t care about that part) of the latter action: not only is that a very good indicator to the account holder, that they’ve been breached, it is also a way to make sure the perpetrator doesn’t have further access (assuming of course the logins were not discovered in another way).

  • Who cares?! The photos were denied veracity, by all of the related celebrities, right? wink wink. The good news is most if not all of the photos are still replicating around the internet – so have at them!