Meet the police forensic tool pervs used to steal celebrity iCloud nude photos

The iCloud accounts of numerous Hollywood celebrities have been hacked, with naked images being sold for Bitcoins. (Picture: Killian Bell)

Blame for the flood of celebrity nude photos that hit the Internet has shifted from the pervy hackers who ripped the pics, to Apple, to the creator of iBrute. But while the FBI and Apple continue to investigate the source of the leak, one tool has gone unmentioned: the police forensic tool that made it all possible.

One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.

After digging into the source of the leak, Wired reports that Elcomsoft Phone Password Breaker (EPPB) has become the tool of choice among AnonIB rippers – the 4chan offshoot that may have sourced the leaked nudes – who have honed the process of stealing iPhone pics down to a science. The Russian-based forensic firm Elcomsoft sells the software without proof of government credentials for $1399, but bootleg copies can be easily torrented for free.

Once an attacker has a user’s Apple ID and password, EPPB can access all of the backup’s data “without the consent or knowledge of the device owner,” boasts the company’s website. Security experts pointed to Alexey Troshichev’s iBrute software tool as the culprit behind the leaks, since it gave attackers access to victims’ iCloud.com accounts. But by using Elcomsoft’s tool, attackers can download the entire iPhone backup as a single folder, giving them much more data (texts, videos, contacts, app data, etc.) than just Jennifer Lawrence’s naughty bits.

Female celebrities have been in the spotlight during the attack, and Apple has already denied a “breach in any of Apple’s systems including iCloud or Find my iPhone” in the “very targeted attack,” but as Sam Biddle at Valleywag explains, every iCloud user is vulnerable to attack, whether you’re Kate Upton or a regular nobody:

“The idea that only celebrities are being targeted is horseshit. There are people out there ripping the iCloud accounts of ordinary people, right now… It’s absolutely not a “targeted attack”—it’s a casual free-for-all, taking advantage of Apple’s pathetic security system. And this is just one website on a very big internet.”

Biddle points to a group of AnonIB “iCloud rippers” who share stolen photos from girls who aren’t even famous. Anyone is open to being targeted as long as you’ve got their Apple ID and password, and plenty of veteran rippers are on hand to help wanna-be hackers with any problems they run into along the way.

With the announcement of the iPhone 6 just seven days away, Apple certainly wants to squash the iCloud leak controversy as quickly as possible. For now the company isn’t admitting that iCloud is vulnerable to someone easily guessing your password via password recovery, but in the meantime we recommend turning on two-factor authentication for Apple ID.

  • John

    There is NO 2 stage verification on icloud.com. If someone has your password, it doesn’t matter a dime if you have 2 stage verification turned on, anyone with your password can access a full backup of everything you store on iCloud.

  • Adrayven

    Sounds like Sam is grandstanding and has a personal bias against Apple. Considering no breach happened of Apple’s systems themselves, he still calls it pathetic... knowing full well that Apple supports 2 factor auth; though the celebrities never used it.

    Sure the older system isn’t as secure, but random long passwords are still standard among most sites. 2 factor has not caught on as a standard and hopefully this will help bring awareness to make it a standard. He could have attempted to maintain objectiveness to this, but doesn’t seem interested in that.

  • LeCookieMonster

    This person sounds like an @$$.

  • DG O’Brien

    As an IT professional, I just wonder why people would trust a cloud storage to a level for storing nude photos there. Edward Snowden had already told us that neither the government nor the internet service providers are trustworthy. Even if those photos were not being hacked, wouldn’t those victims have ever thought that their photos would have been viewed by the people in iCloud whenever they first uploaded the photos to there? Just unbelievable. I always told my clients that before storing sensitive data on the cloud, they have to use services like https://www.boxcryptor.com/ or http://free.cloudbacko.com to encrypt the data on their local machines first before uploading to the cloud, so as not to leave chances for anyone, including hackers, people from the cloud storage, or even NSA to be able to open your data. I believe we all learned a lesson now.

  • mythofechelon

    Hang on. Am I missing something here? “Anyone is open to being targeting as long as you’ve got their Apple ID and password”? Well, yeah. When you’ve got the credentials for an account you can get access to said account with the aforementioned credentials. That’s how it works. What’s the difference between this and installing and logging into iCloud Control Panel and obtaining the data that way?

  • Adam

    I suppose if someone has your AppleID and password, that security is out the window. :( Damn Internets.

  • jack

    The girls themselves are also pervs

About the author

Buster Hein is Cult of Mac's Senior News Editor and lives in Phoenix, Arizona. Twitter: @bst3r.
