A hacker just revealed the tremendous amount of effort they have put in to penetrate the security flaw in Apple’s iCloud. He added that they were responsible for uncovering several sexy photos of more than 100 celebrities including Jennifer Lawrence and Kate Upton.
It's unlikely that someone has broken into Apple's iCloud service. Instead the photos most probably emerged after exposed to a type of hacking known as "social engineering."
The hack job exploit works by learning which online services the target uses, and then compiling as much data on them as possible before using that data to either spoof access, or to simply use their email address and a guessed password to log in to their account.
Daily Mail's James Nye found the alleged hacker's comment on an anonIB thread early on 1 September 2014. In the comment, the hacker thanked the community for its support and added that they were on the run. He also disclosed that they will be moving to a new location where they would continue to post about the hacked photos and videos.
The Federal Bureau of Investigations (FBI) has launched an investigation into the hacking and Apple has patched up a security flaw in iCloud that could have enabled the hacker(s) to access the celebrities' private photos. Apple has not officially commented on how the security breach happened but says it is "actively investigating" the situation and that it takes its users' privacy "very seriously."
Most of the celebrities whose compromising photos were already posted online are not really technically capable of protecting their online accounts. For instance, Jennifer Lawrence is known to use iCloud after she let slip in a red carpet interview with MTV this year that she frequently has trouble with the service, remarking "My iCloud keeps telling me to back it up, and I'm like, I don't know how to back you up. Do it yourself."
Security experts revealed that once the hacker discovers the iCloud account of a celebrity, it's trivially easy to access their online photo backup through Apple's Photo Stream utility and iCloud photo backups.
Analysis of the embedded EXIF data (information about where and how the picture was taken that is frequently appended to digital photo images) included in one of the leaked images shows it was taken a few weeks ago, well within Photo Stream's limit of 30 days before images are deleted. However, actress Mary Elizabeth Winstead claimed on Twitter that the leaked photos of her included in the hack were taken "years ago."
It should also be noted that despite the hacker claiming to have accessed the trove of photos thanks to an iCloud exploit, the range of devices showcased suggests that another service may have been to blame. Various naked celebrities are photographed taking selfies with Android devices and webcams. Leaked videos could not have originated from the iCloud photo backup service. The range of devices and media may mean that another backup service like Dropbox or Google Drive could be the originator of the leaked photos, with both services offering automatic backup tools for photos and videos imported from cellphones.
It's unlikely that someone has broken into Apple's iCloud service. Instead the photos most probably emerged after exposed to a type of hacking known as "social engineering."
The hack job exploit works by learning which online services the target uses, and then compiling as much data on them as possible before using that data to either spoof access, or to simply use their email address and a guessed password to log in to their account.
Daily Mail's James Nye found the alleged hacker's comment on an anonIB thread early on 1 September 2014. In the comment, the hacker thanked the community for its support and added that they were on the run. He also disclosed that they will be moving to a new location where they would continue to post about the hacked photos and videos.
The Federal Bureau of Investigations (FBI) has launched an investigation into the hacking and Apple has patched up a security flaw in iCloud that could have enabled the hacker(s) to access the celebrities' private photos. Apple has not officially commented on how the security breach happened but says it is "actively investigating" the situation and that it takes its users' privacy "very seriously."
Most of the celebrities whose compromising photos were already posted online are not really technically capable of protecting their online accounts. For instance, Jennifer Lawrence is known to use iCloud after she let slip in a red carpet interview with MTV this year that she frequently has trouble with the service, remarking "My iCloud keeps telling me to back it up, and I'm like, I don't know how to back you up. Do it yourself."
Security experts revealed that once the hacker discovers the iCloud account of a celebrity, it's trivially easy to access their online photo backup through Apple's Photo Stream utility and iCloud photo backups.
Analysis of the embedded EXIF data (information about where and how the picture was taken that is frequently appended to digital photo images) included in one of the leaked images shows it was taken a few weeks ago, well within Photo Stream's limit of 30 days before images are deleted. However, actress Mary Elizabeth Winstead claimed on Twitter that the leaked photos of her included in the hack were taken "years ago."
It should also be noted that despite the hacker claiming to have accessed the trove of photos thanks to an iCloud exploit, the range of devices showcased suggests that another service may have been to blame. Various naked celebrities are photographed taking selfies with Android devices and webcams. Leaked videos could not have originated from the iCloud photo backup service. The range of devices and media may mean that another backup service like Dropbox or Google Drive could be the originator of the leaked photos, with both services offering automatic backup tools for photos and videos imported from cellphones.
0 comments
Post a Comment