Apple fixes an exploit of Find My iPhone that allows hackers to access personal photos stored in accounts iCloud. In the morning we learned about bulk photo leaks from about 100 celebrities.
During the last 12 hours the dianetwork has been flooded with very personal photos belonging to celebrities. Anonymous users from 4chan claim to have grabbed several photos from around 100 exposed celebrity iCloud accounts. In the list like first reported iGuRu.gr in the morning including the Jennifer Lawrence, Ariana Grande, Victoria Justice, Kate Upton, Kim Kardashian, Rihanna, Kirsten Dunst and Selena Gomez.
How;
Completely coincidentally, the day before the leak, it was uploaded to GitHub by codes for AppleID Password bruteforce as well as a proof-of-concept (PoC).
[tweet_embed id = 505743531789406208]
Leaked code can exploit a vulnerability on its page Find My iPhone which allowed hackers to constantly try to access passwords on their victims' accounts without the page blocking their connection. That's why they used bruteforcing techniques, and so they were able to discover the passwords of the celebrities without any trouble. Everything else is easy as well emails which they need as login names, can be easily discovered by anyone.
Η Apple Lossless Audio CODEC (ALAC), he managed to mend the exploit (strange that reacted immediately, but you would tell me the victims were not common mortals) when it was too late. Imagine what his accounts contained iClud. In addition to photos, hackers have certainly discovered other sensitive data, such as contact lists with phones name and emails.
It would not be surprising to see several targeted phishing attacks on names containing the victims's contacts…
