The iCloud hack issue isn’t going away. Wired is saying that a piece of software called EPPB (Elcomsoft Phone Password Breaker) to obtain data from iCloud. Here are the details:
On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.
I spoke about iBrute a few days ago. I also spoke to the fact that the hole that allowed iBrute to work is now closed. What’s scary about this is that anyone with $400 and someone’s iCloud username and password can do this. This should send chills down your spine. The only good news is that this seems to somewhat validate Apple’s “blame the user” statement from yesterday.
Related
This entry was posted on September 3, 2014 at 6:08 pm and is filed under Commentary with tags Apple, Hacked, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hackers Used Police Tool To Leak Celeb Photos: Wired
The iCloud hack issue isn’t going away. Wired is saying that a piece of software called EPPB (Elcomsoft Phone Password Breaker) to obtain data from iCloud. Here are the details:
On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.
I spoke about iBrute a few days ago. I also spoke to the fact that the hole that allowed iBrute to work is now closed. What’s scary about this is that anyone with $400 and someone’s iCloud username and password can do this. This should send chills down your spine. The only good news is that this seems to somewhat validate Apple’s “blame the user” statement from yesterday.
Share this:
Like this:
Related
This entry was posted on September 3, 2014 at 6:08 pm and is filed under Commentary with tags Apple, Hacked, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.