Last year’s celebrity iCloud photo hack was carried via a phishing attack

BY Rajesh Pandey

Published 10 Jun 2015

Celeb photo hack

Last year, a brute force attack on iCloud led to photos of many celebrities in compromising position being leaked to the Internet. 

While the matter has died down since then, the FBI has been working behind the scenes to find out who the mastermind was behind the hack. Their investigation is pointinh towards Emilio Herrera, residing on the South Side of Chicago, as the culprit. One of the sworn affidavit by an special agent of FBI Cybercrimes Unit claims that someone residing in Herrera’s house was responsible for the hack and the photos making their way to the Internet.

Herrera’s IP address was allegedly used to access “572 unique iCloud accounts” between May 31, 2013 and August 31, 2014, with most of the accounts belonging to high profile celebrities and their friends. Overall, he accessed these accounts 3,263 time during this period.

The breach in itself was carried out by sending phishing emails to the victims. It was initially believed that a brute force attack was used by the culprits to gain access to celebrities iCloud accounts.

The affidavit from FBI also talks about a second Chicago based address that accessed 330 unique iCloud accounts between May and August, 2014. However, information on this allegedly second culprit is unknown at the moment.

It is still unclear if Emilio Herrera was one of the masterminds being last year’s famous iCloud celebrity hack or not. FBI agents have sealed and taken all computer equipments from Herrera’s house, including two Floppy disks, a Samsung smartphone and a Kindle Fire, for investigation purposes.

Despite iCloud and Apple’s security measures not being at fault here, last year’s hack did shake up the confidence that people had in Apple’s cloud services. A positive effect of the hack was that many iCloud users ended up enabling two-factor authentication on their account for better security.

[Via Gizmodo]