Tuesday, September 2, 2014

Epic burglary iCloud: who and how stolen photos of naked celebrities

Leaked intimate photos of stars of show business, which occurred on September 1 , has already entered the history of the Internet. In the network, allegedly from different sources, flowed intimate pictures of nearly one hundred of Hollywood celebrities. Among the notable victims of Jennifer Lawrence, Kirsten Dunst, Rihanna, Kim Kardashian, Kara Delevin, Avril Lavigne, Selena Gomez, Winona Ryder, Kate Bosworth, Amber Heard, and many others.Some victims claim that they are not leaked photos. Although the images quickly removed from the large-scale online storage and blogs, they can not be removed from anywhere on the Internet.

Who stole the photo

The first mention of the pictures appeared on August 26 anonymous imageboard anon-ib.com, tells It.tut . Someone offered to buy the pictures, leaving the e-mail address anon_cookie@yahoo.com. Knowledge of the original source and even the mail address is unlikely to help the investigation - to hide the geographical location of publishing author, and the more a person on the internet is easy.
On September 1, the pictures began to scatter over the Internet with an anonymous imageboard 4chan and collective blog Reddit. One Reddit user discovered that someone under the nickname BluntMastermind publishes new images earlier than other sources.Another user in the screenshot with the "announcement" of new photos, offered for sale, saw the title of the home network and computer names in it - for this information via a Google search, he allegedly calculated the names and location of the distributor. First, you can continue to investigate and found the accounts with those names on Facebook, Steam, and LinkedIn.
"Defendants" Reddit users became a software engineer Brian Hemad of Georgia, USA.Hemad in an interview with Daily Mail said that they had nothing to cracking. "I do not stand behind it. I lied to someone on Reddit in an attempt to sell for Bitcoins otfotoshoplennuyu picture ", - he said. However, the publication noted that Hemad was capable of hacking: the site of the company where he works, Hemad described as a technical expert and an expert on PHP, MySQL and Java. It should be noted that the investigation does not Reddit users Hemada official accused of a crime.

Who stole

Two days before the leak representative of the hacker group HackApp posted on PasteBin script allows you to choose a password to iCloud. The vulnerability allowed through the service "Find iPhone» secretly guess the password by brute force. September 1, the vulnerability was closed Apple .
The first reports of the burglary appeared before the publication of the script. Evidence that all the photos were stolen from iCloud, are also absent. It is theoretically possible, but in practice it is very difficult to determine who tried to pick up the passwords to the accounts, if it was done by the specified script.
We can also assume that the hackers did not use a script to brudforsa and phishing technique , spreading malicious links in emails (for example, an invitation to VIP-event). In such a case, the attacker is difficult to calculate a technician.
For the case may be involved in more than one person: the author of the script or the Trojan may be unrelated to the hackers hack "star accounts," hackers can not publish pictures of themselves, and resell them, and the chain of resale may consist of many units.
Either way, the attacker (or group of attackers) faces a considerable period. Organizer "stellar leakage" of September 2011, published stolen intimate photos of Scarlett Johansson, Christina Aguilera and other celebrities, received 10 years in prison and a fine of 72 000 dollars, although the charge on 21 counts provided for up to 121 years in jail in total.

Targets achieved

Information from the email accounts of stars, and especially of cloud storage - such as iCloud, interested hackers simply out of vanity, experts say. Information Security Specialist Infowatch already called leakage intimate photos of stars "the biggest scandal in the history" of this kind. Not for nothing were connected to the investigation, and American intelligence agencies, which together with Apple continue to search for the hacker that caused the loudest "drain" on the Internet.
"The FBI is aware of reports that relate to computer intrusion and illegal publication of materials with well-known persons" - quoted by The Wall Street Journal application security services. Apple also announced to participate in the investigation of the incident. "We take user privacy very seriously and investigate these reports," - said in Cupertino.
About that, at what stage is currently an investigation into the high-profile case, not yet reported, but it is known that the attacker himself or people acting on its behalf, are not afraid to publicly refer to Internet users and even ask them for money for such " feats. " In his address, the attacker said that he was not engaged in Internet hacking, but just "collecting" photographs collected from various sources, the nature of which he "collector" is not specified. Later, the alleged thief promised to publish more pictures of naked stars - donations from Internet users.
"People want to ****** free - IB Times quotes a statement self-proclaimed" hacker. " - Of course, I got $ 120 in my bitcoin wallet and how much money (I paid a lot through the Bitcoin system, in order to get some photosets), I really did not get what I hoped for. " This is a self-proclaimed "hacker" real cause cracking or is it just a crook who decides to cash in on someone else's adventure, is unclear.