Published in Cloud

Apple’s iCloud security turned over again

by on25 August 2021
Apple’s iCloud security turned over again


And it was not even aware of it

While the fruity cargo cult Apple was trying to reassure stuff that its attempts to scan users iClouds for kiddie porn were totally safe, a bloke in Los Angeles was harvesting an all you can eat buffet of user porn under its nose.

Hao Kuo Chi, 40, of La Puente broke into thousands of Apple iCloud accounts and collected more than 620,000 private photos and videos in a plot to steal and share images of nude young women, federal authorities say. He has agreed to plead guilty to four felonies, including conspiracy to gain unauthorized access to a computer, court records show.

Chi impersonated Apple customer support staff in emails that tricked unsuspecting victims into providing him with their Apple IDs and passwords, according to court records. He gained unauthorised access to photos and videos of at least 306 victims across the nation, most of them young women, he acknowledged in his plea agreement with federal prosecutors in Tampa, Fla.

Chi said he hacked into the accounts of about 200 of the victims at the request of people he met online.

Using the moniker "icloudripper4you", Chi marketed himself as capable of breaking into iCloud accounts to steal photos and videos, he admitted in court papers. Chi acknowledged in court papers that he and his unnamed co-conspirators used a foreign encrypted email service to communicate with each other anonymously.

 When they came across nude photos and videos stored in victims' iCloud accounts, they called them "wins" which they collected and shared with one another.

"I don't even know who was involved", Chi said Thursday in a brief phone conversation. He expressed fear that public exposure of his crimes would "ruin my whole life".

The scam started to unravel In March 2018. A California company that specializes in removing celebrity photos from the internet notified an unnamed public figure in Tampa, Fla., that nude photos of the person had been posted on pornographic websites, according to [FBI agent Anthony Bossone.

The victim had stored the nude photos on an iPhone and backed them up to iCloud. Investigators soon discovered that a log-in to the victim's iCloud account had come from an internet address at Chi's house in La Puente, Bossone said.

The FBI got a search warrant and raided the house May 19. By then, agents had already gathered a clear picture of Chi's online life from a vast trove of records that they obtained from Dropbox, Google, Apple, Facebook and Charter Communications.

Last modified on 25 August 2021
Rate this item
(1 Vote)
Tagged under
More in this category: « Microsoft wants to catch pirates with blockchain Volish customers have shedloads of exposed data »
back to top

Latest comments

Read more about: