Tech

A man posing as an Apple support representative ransacked hundreds of iCloud accounts for nude images

Summary: For about four years, a Los Angeles County resident was able to steal hundreds of thousands of photos and videos from the iCloud accounts of young women in the United States. While it did not violate iCloud security for this, it is an important reminder not to share your Apple ID credentials with anyone and to use two-factor authentication to prevent unauthorized access to your account.

Back in 2014, Apple faced one of the biggest security flaws in the company’s history, when a group of hackers managed to hack into the iCloud accounts of over a hundred celebrities and gain access to their personal photos and videos. Since then, several people have been found guilty of the incident, which culminated in the spread of personal content online.

While Apple never acknowledged an actual iCloud jailbreak, it is believed that this was made possible by lenient security measures that allowed brute-force brute-force attacks to brute-force the password.

Fast forward to today, and a California man pleaded guilty to at least four felony charges after hacking into thousands of iCloud accounts to steal nude images of women. According to report of the Los Angeles Times, Hao Kuo Chi admitted that he was posing as Apple support personnel in order to trick his victims into sharing their Apple ID credentials by email.

Court the documents show that 40-year-old Chi stole more than 620,000 personal photos and 9,000 videos, which he then posted to his personal Dropbox account to separate the “winning” images from the rest. To do this, he did not violate any iCloud protections, but instead applied social engineering and phishing to more than 300 victims in the United States, most of whom were young women.

For many years, Chi worked under the nickname icloudripper4you and used two Gmail addresses from which the FBI found more than 500,000 emails and 4,700 iCloud credentials sent to him by victims. He did not work alone, although he claims that he does not know the identity of his accomplices.

The scheme worked between 2014 and 2018, but immediately fell apart after Chi decided to share personal photos and videos online. Soon after, a California-based company specializing in removing celebrity photos from the Internet notified an unnamed client that it had found a match on several pornographic sites.

Investigators have already tracked Chi using data from multiple sources such as Apple, Dropbox, Google, Facebook, and Charter Communications, and eventually they were able to trace his home address. Chi pleaded guilty earlier this month and faces up to five years in prison on each of the four charges.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button