Are you a HOT CELEB? Think your SEXY PICS are safe? Maybe NOT

JLaw, Upton snap blurt may be 'tip of iceberg', experts warn

Rather than a single iCloud hack, this week's furore over celebrity nude pics looks more like the work of one or many "secret circles" of hackers whose members mingle on anarchic messageboard 4Chan to share their digital loot from computers and phones they've cracked over a period of years.

The photos were, according to one rumour investigated by The Register, stolen from various cloud backup accounts linked to Apple iPhones, Google Android devices and Windows phones.

Among other techniques, hackers used brute-force password guessing against iCloud accounts to harvest the data; Apple overnight confirmed this had occurred on a limited basis.

The Register has inquired among Google and Microsoft folk regarding evidence of targeted attacks against celebs using their services.

The Register understands the photos would have remained off the public radar, if it weren't for a dump on 4Chan public forums by a new member who bought his way into a secret circle and tried to cash out by offering the photos for sale.

Before this week's exposure, the celeb pics - dubbed 'wins' by members - were quietly traded inside the group, according to this theory.

This version of events explains why some of the nude celeb images were dated as far back as 2011 and others were taken just last month.

Lending further credence to the theory, the picture cache contained a mix of file formats and data remnants from a variety of software and cyber lockers like Dropbox.

Unsubstantiated chat logs by anonymous 4Chan users which surfaced online also suggest the existence of a secret smut circle.

Determining whether the rumour was fact or fiction may require the final results of FBI investigations.

Penetration tester Nicholas Cubrilovic, who has investigated similar networks of pic-pinchers, has written that there is lots of illicit pic-swapping going on online.

"What we see in the public with these hacking incidents seems to only be scratching the surface. There are entire communities and trading networks where the data that is stolen remains private and is rarely shared with the public," he writes.

"The goal is to steal private media from a target's phone by accessing cloud based backup services that are integrated into iPhone, Android and Windows Phone devices."

Cubrilovic has examined degenerate nude selfie and revenge porn networks and found communities where users would sell out their Facebook friends in a bid to obtain images of specific people that fellow members hold.

He details such operators' methods as follows:

"The frequent source of new leads for targets seems to be newcomers who know somebody they want to hack .... [they] will offer up a Facebook profile link, plus as much information as is required by the hacker to break [that] account, plus possible assistance in getting a RAT installed if required ... the hacker will supply the [newcomer] with a copy of the extracted data which they will also keep for themselves.

"This was one of the most unsettling aspects of these networks to me – knowing there are people out there who are turning over data on friends in their social networks in exchange for getting a dump of their private data."

Work is sometimes delegated to members whose jobs could involve gaining open source intelligence on targets or hacking into their devices using social engineering trickery or password-guessing.

The organisation Cubrilovic checked out was visible across the public and private webs, with coordination through private instant messaging and email.

Cubrilovic advises users to use separate email addresses to separate their most sensitive data from the rest, adding there was "a reason why drug dealers carry multiple phones."

The Register concurs, and reminds everyone to maintain high entropy, non-cliche passwords and consider either encrypting saucy pics or storing them offline. ®
