This page has been robot translated, sorry for typos if any. Original content here.

Hackers hacked iCloud and posted intimate photos of 100 Hollywood stars on the Web

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

Candid photographs of Hollywood stars, including actress Kirsten Dunst, singer Rihanna, The Hunger Games star Jennifer Lawrence and others, appeared in the public domain. It is assumed that the pictures of the girls were stolen as a result of hacking iCloud.

According to BuzzFeed, in addition to Lawrence and Rihanna, the photos are also allegedly stolen from Mary Kate Olsen, Ariana Grande, Victoria Justice, Kate Upton and others. On many images, the stars appeared in an unusual form for the audience - without makeup, and sometimes half-naked. It is not yet clear whether all the photographs are genuine. There are more than 100 names in the list of affected celebrities.

Mary Elizabeth Winstead, whose pictures also went online, confirmed their authenticity, noting that these photos were deleted a long time ago. “I can only guess what terrible efforts were put into it,” she added.

Representative Jennifer Lawrence also virtually confirmed the authenticity of the images, calling the hacking “a flagrant violation of privacy”. He threatened with criminal prosecution both for the hackers themselves and those who choose to distribute candid photos of the actress.

Over the past few months, hackers around the world have carried out many cyber attacks, resulting in hacked or stolen data from celebrities, politicians and companies. There were also opinions about how a scandal could affect Apple, although not all participants in the plum used "apple" devices.

Vulnerability closure

As it became known, Apple closed the vulnerability in iCloud, through which hackers stole intimate photos of celebrities.

Delete photos from the Internet

The leak of intimate photos of show business stars on September 1 has already entered the history of the Internet. According to various sources, intimate pictures of almost a hundred Hollywood celebrities leaked to the Network.

Among the famous victims are Jennifer Lawrence, Kirsten Dunst, Rihanna, Kim Kardashian, Cara Delevingne, Avril Lavigne, Selena Gomez, Winona Ryder, Kate Bosworth, Amber Heard and many others. Some victims claim that they were not the leaked photos. Although images are quickly removed from large online repositories and blogs, they cannot be removed from anywhere on the Internet.

Who stole the photo?

The first mention of the images appeared on August 26 on an anonymous imageboard, It.tut says. Someone offered to buy the pictures, leaving the email address Knowing the source and even the mail address is unlikely to help the investigation - to hide the geographical location of the author of the publication, and even more so the identity on the Internet, is not difficult.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

From September 1, pictures began to fly across the Internet from the anonymous 4chan image board and the Reddit collective blog. One of the Reddit users discovered that someone under the nickname BluntMastermind publishes new pictures before other sources. Another user in the screenshot with the “announcement” of new photos offered for sale, saw the name of the home network and the names of computers in it - using this information using Google search, he allegedly calculated the names and place of work of the distributor. The first user continued the investigation and found accounts with these names on Facebook, Steam and LinkedIn.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

The “accused” Reddit users were software engineer Brian Hamad from Georgia, USA. Hamad in an interview with the Daily Mail said he was not involved in hacking. “I do not stand behind all this. I lied to someone on Reddit in an attempt to sell a photographed picture for bitcoins, ”he said. However, the publication notes that Hamad was capable of hacking: on the website of the company where he works, Hamad is described as a technical expert and specialist in PHP, MySQL and Java. Note that the investigation of Reddit users does not make Hamad the official criminal accused.

Two days before the leak, a representative of the hacker group HackApp published a script on PasteBin that allows you to pick up a password for iCloud. The vulnerability allowed through the service "Find iPhone" to secretly select a password using brute force. Already on September 1, the vulnerability was closed by Apple.

Хакеры взломали iCloud и выложили в Сеть интимные фото 100 голливудских звезд

The first hacking messages appeared even before the publication of the script. There is also no evidence that all photos were stolen from iCloud. It is theoretically possible, but in practice it is very difficult to establish who tried to select passwords for accounts if this was done through the specified script.

It can also be assumed that hackers did not use a brute force script, but a phishing technique, distributing malicious links in emails (for example, by invitation to a VIP event). In this case, the attacker will be difficult to calculate for technical specialists.

More than one person may be involved in the case: the author of the script or trojan may not be associated with hackers who cracked “star accounts”, hackers could not publish the pictures themselves, but resell them, and the resale chain can consist of many links.

One way or another, an attacker (or a group of attackers) faces a considerable period of time. The organizer of the "star leak" in September 2011, who published the stolen intimate photos of Scarlett Johansson, Christina Aguilera and other celebrities, received 10 years in prison and a fine of 72,000 dollars, although the charge on 21 counts provided for up to 121 years in prison in total.

Is the goal achieved?

Information from stars' email accounts, and especially from cloud storage services such as iCloud, interests hackers simply out of vanity, experts say. Infowatch, an information security specialist, has already called the leak of intimate photo stars the “biggest scandal in history” of its kind. No wonder the American intelligence services joined in the investigation, which, together with Apple, continue to search for the hacker who caused the loudest “drain” to the Internet.

“The FBI is aware of reports that relate to computer infiltration and the illegal publication of materials involving famous individuals,” the The Wall Street Journal quoted the intelligence agency as saying. Apple also announced its involvement in the investigation of the incident. “We take user privacy very seriously and are studying these messages,” Cupertino said.

The stage of the investigation of the circumstances of the high-profile case is not yet reported, but it is known that the attacker or people acting on his behalf are not afraid to publicly contact Internet users and even ask them for money for such “ feats. " In his appeal, the attacker stated that he was not involved in Internet hacking, but simply “collected” photographs collected from various sources, the nature of which the “collector” himself did not specify. Later, the alleged thief promised to publish more photos of naked stars - for donations from Internet users.

“People want ****** for free,” the IB Times quoted a statement by a self-proclaimed “hacker.” “Of course, I received $ 120 for my Bitcoin wallet and how much money (I paid a lot through the Bitcoin system to get some photosets), I really did not get what I was hoping for.” Is this self-proclaimed "hacker" the real reason for the hacking, or is it just a fraudster who decided to cash in on someone else's adventure, is still unclear.

Archive of candid photos of celebrities

Archive of candid photos of celebrities can be found here . Note that hackers have posted so far the smallest part of the photos of all. Attackers want to show the remaining pictures in the near future for bitcoins.

Apple, for its part, did not comment on the situation, but reacted by closing the vulnerability in the Find iPhone feature, which was used by hackers. It is reported that hackers were able to hack iCloud by guessing the password for accounts, which took some time. In this regard, according to one version, the conflict was planned intentionally before the release of iPhone 6 from competitors.

Comments by celebrities themselves