This page has been robot translated, sorry for typos if any. Original content here.

Hackers hacked iCloud and uploaded intimate photos of 100 Hollywood stars

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

Candid photographs of Hollywood stars, including actress Kirsten Dunst, singer Rihanna, star of the Hunger Games Jennifer Lawrence and others, appeared in public access. It is assumed that the pictures of the girls were stolen as a result of hacking iCloud.

According to BuzzFeed, in addition to Lawrence and Rihanna, photos are also allegedly stolen from Mary Kate Olsen, Ariana Grande, Victoria Justice, Kate Upton and others. On many images, the stars appeared in a form unusual for the audience - without makeup, and sometimes even half-naked. It is unclear whether all the photographs are genuine. There are more than 100 names in the list of affected celebrities.

Mary Elizabeth Winstead, whose pictures also hit the web, confirmed their authenticity, noting that these photos were deleted a long time ago. “I can only guess what terrible efforts have been made to this,” she added.

Representative Jennifer Lawrence also actually confirmed the authenticity of the pictures, calling the hack "a blatant violation of privacy." He threatened criminal prosecution by both the hackers themselves and those who decide to distribute candid photos of the actress.

Over the past few months, hackers around the world have carried out numerous cyber attacks, as a result of which celebrities, politicians and companies have been hacked or stolen. Opinions appeared on how a scandal might affect Apple, though not all the plum participants used Apple devices.

Close vulnerability

As it became known, Apple closed the vulnerability in iCloud, through which hackers stole intimate photos of celebrities.

Remove photos from the Internet

The leak of intimate photos of show business stars, which took place on September 1, has already entered the history of the Internet. In the network, according to various sources, leaked intimate shots of nearly a hundred Hollywood celebrities.

Among the famous victims are Jennifer Lawrence, Kirsten Dunst, Rihanna, Kim Kardashian, Cara Delevingne, Avril Lavigne, Selena Gomez, Winona Ryder, Kate Bosworth, Amber Heard and many others. Some victims claim that they are not on the leaked photos. Although images are promptly removed from large online repositories and blogs, they cannot be removed from anywhere on the Internet.

Who stole the photo?

The first mention of the images appeared on August 26 on the anon image board, says It.tut. Someone offered to buy pictures, leaving an email address Knowledge of the source and even the mail address is unlikely to help the investigation - to hide the geographical location of the author of the publication, and even more so the identity on the Internet, is simple.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

From September 1, the pictures began to scatter on the Internet from the anonymous image board 4chan and the collective blog Reddit. One Reddit user discovered that someone under the nickname BluntMastermind publishes new images before other sources. Another user in the screenshot with the "announcement" of new photos offered for sale, saw the name of the home network and the names of computers in it - using this information, using Google search, he allegedly calculated the names and place of work of the distributor. The first user continued the investigation and found accounts with these names on Facebook, Steam and LinkedIn.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

Reddit's “accused” users was software engineer Brian Hemad from Georgia, USA. In an interview with the Daily Mail, Hemad said he was not involved in hacking. “I am not behind all this. I lied to someone on Reddit in an attempt to sell a picture from a bitcoin, ”he said. However, the publication notes that Hemad was capable of hacking: on the website of the company where he works, Hemad is described as a technical expert and specialist in PHP, MySQL and Java. Note that the investigation of users of Reddit does not make Hemad official accused of a crime.

Two days before the leak, a representative of the hacker group HackApp published a script on PasteBin that allows you to select a password for iCloud. Vulnerability allowed through the "Find iPhone" service to secretly find a password using the brute force method. Already on September 1, the vulnerability was closed by Apple.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

The first reports of hacking appeared before the publication of the script. There is also no evidence that all photos were stolen from iCloud. It is theoretically possible, but in practice it is very difficult to establish who tried to pick up passwords to accounts, if this was done through the specified script.

It can also be assumed that the hackers did not use a script for brute-force, but a phishing technique, distributing malicious links in emails (for example, by inviting you to a VIP event). In this case, the attacker will be difficult to calculate the technical specialists.

Not one person may be involved in the case: the author of the script or trojan may not be associated with hackers who hacked into the “star accounts”, hackers could not publish the pictures themselves, but resell them, and the chain of resale may consist of many links.

Anyway, the attacker (or group of attackers) faces a considerable period of time. Scarlett Johansson, Christina Aguilera and other celebrities, the organizer of the “star leak” of September 2011, who published the stolen intimate photos, received 10 years in prison and a $ 72,000 fine, although the charge on 21 counts provided for a total of 121 years in prison.

Goal achieved?

Information from the e-mail boxes of stars, and especially from cloud storages such as iCloud, hackers are interested simply from vanity, experts say. Information security specialist Infowatch has already called the leakage of intimate photo stars "the biggest scandal in history" of this kind. It was not for nothing that the American special services were connected to the investigation, who, together with Apple, continue to search for the hacker who caused the loudest “drain” on the Internet.

"The FBI is aware of reports that relate to computer intrusion and illegal publication of materials with the participation of well-known persons," the statement cited by The Wall Street Journal. Apple also announced involvement in the investigation of the incident. “We take user privacy very seriously and are studying these messages,” said Cupertino.

The stage at which the investigation into the circumstances of the high-profile case is currently not reported, however, it is known that the attacker himself or people acting on his behalf are not afraid to publicly contact Internet users and even ask them for money for such exploits. " In his address, the attacker stated that he did not engage in Internet hacking, but simply “collected” photographs collected from various sources, the nature of which the “collector” himself did not specify. Later, the alleged thief promised to publish more photos of naked stars - for donations from Internet users.

“People want ****** for free,” the IB Times quotes a statement from the self-proclaimed “hacker.” “Of course, I got $ 120 for my bitcoin wallet and how much money (I paid a lot through the bitcoin system to get some photosets), I really didn’t get what I was hoping for.” Is this self-proclaimed "hacker" the real reason for hacking, or is it just a crook who decided to cash in on someone else's adventure is unclear.

Archive of candid celebrity photos

Archive of candid photos of celebrities can be viewed here . Note that hackers have posted on the Web so far the smallest part of the photos of all. The remaining images of the attackers want to show in the near future for Bitcoins.

Apple, for its part, did not comment on the situation, but reacted, closing the vulnerability in the “Find iPhone” function, which was used by hackers. It is reported that hackers were able to crack the iCloud method of finding the password to the accounts, which took a certain amount of time. In this regard, according to one of the versions, the conflict was deliberately planned before the release of the iPhone 6 by competitors.

Comments themselves celebrities