The incident when hackers stole around 500 pictures of various celebrities was titled as Fappening by media and Internet users. Even though this happened back in 2014, it looks like since then the hackers are still stealing and leaking nude photographs whenever there is a possibility. Unfortunately, computer security specialists say, users are the ones who may help cybercriminals get access to their intimate images. Of course, it happens without the user realizing anything. To be more precise, hackers have methods to trick their victims into revealing passwords and other login data unknowingly. Further, in the text, we will tell you more about the Fappening incident from which all of this started and talk about the techniques used by cybercriminals to obtain nude photos.
As said earlier, it all began four years ago when five hundred intimate photos of mostly women celebrities were stolen from their iCloud accounts and posted on a particular site. Later on, these photos were posted on social networks like Imgur or Reddit by Internet users, although eventually Reddit started banning any material related to Fappening. At first, it was thought the access to the accounts with photos was obtained via breach of Apple’s cloud services. After the investigation was carried out, it appeared the cybercriminals could have exploited a security issue in the iCloud API. Apparently, the issue might have made it possible to guess the password as many times as needed. However, in the end, the investigation revealed the hackers were able to connect to the storages with celebrities’ nude photos via phishing attacks.
Phishing is a technique used to get various sensitive data, for example, passwords and login information, credit card details, and so on. Usually, it is used for malicious reasons like scamming the user, stealing his money or sensitive data, etc. Phishing is often accomplished by email spoofing; it is when hackers send emails with forged sender’s address. In other words, the user could receive an email asking to go to a site where he has an account and log in. Sadly, the minute the victim enters his password it could be immediately stolen and later used by cybercriminals to gain access to the user’s account. The bad news is the website you might get redirect to could look identical to the legitimate site, which is why so many users fall for this trick. Still, even if it looks like the original site, it would be wise to remember it is unusual for social media, cloud storage, and other companies to ask their customers to submit login information. Therefore, instead of revealing sensitive data right away, it would be best first to contact the company and ask whether they actually requested it or just ignore it.
Furthermore, after the Fappening incident in 2014 when hackers stole nude photos from celebrities like Jennifer Lawrence, Kate Upton, Mary Elizabeth Winstead, and so on; there were other attacks in 2017 as well, and the latest one occurred in February 2018. This time the cybercriminals stole pictures and videos with erotic content only from Guardians of the Galaxy actress Mikaela Hoover. Again the content was stolen from the actress’s iCloud storage. In total, the hackers were able to obtain about 40.000 pictures and videos. Among them, they found 119 intimate photos and videos that they decided to upload to a particular site sharing Fappening content. Currently, the investigation is still in the process but based on the previous attacks it is possible the access to the photos was gained while using same phishing techniques as in 2014 and later on.
It is important to mention the cybercriminals may target anyone and not just celebrities to try to extort money, and so on; which is why Internet users are encouraged to spread awareness and learn of ways to protect their private content. The studies carried out back in 2015 showed that “two thirds of men and women - despite the online scandal - still sexted with the same frequency.” Nonetheless, it was noticed that even though people are still exchanging nude photos many of them are being more cautious while doing so. Since the Fappening attacks are still happening taking extra precautions seems like a wise thing to do.
In addition to looking out for suspicious phishing emails, users who have sensitive content on their accounts are also recommended to use the so-called two-factor authentication. It is an extra layer of security that “requires not only a password and username but also something that only, and only, that user has on them.” For example, it could be a code sent to the user’s mobile phone. In such case, the hackers could not access your account even if they had login name and password as they would still need to type in the extra code. Thus, if you are afraid your private content could be at risk, we believe two-factor authentication is definitely worth considering.
- iCloud leaks of celebrity photos. Wikipedia.
- Phishing. Wikipedia.
- Rose Troup Buchanan. The Fappening: Jenifer Lawrence and Kate Upton Nude Leak Scandal Has Significantly Changed Global Sexting Habits, Research Claims. The Independent.
- Adarsh Verma. Fappening 2018: Private Pictures and Videos of Guardians of the Galaxy Actress Mikaela Hoover Leaked. Fossbytes.
- What is 2FA? SecurEnvoy.