iCloud hacker stole intimate photos from hundreds of Apple customers

Hacker broke into hundreds of iCloud accounts over the course of multiple years

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A man has admitted to breaking into the accounts ofApple iCloudusers in order to steal intimate images and videos,court filingsshow.

Hao Kuo Chi, who lives in California, was found to have conspired with others to unlawfully access thecloud storageaccounts of more than three hundredsApplecustomers across the US. This campaign extended at least as far back as September 2014.

As noted in adocumentfrom the US Department of Justice, once inside, Chi “specifically sought out nude photographs and videos of young women”. These assets were then traded with “conspirators”, some of whom later leaked the content into the public domain.

Although Chi has not yet been sentenced, the joint penalties for conspiracy and computer fraud carry a maximum of 20 years in federal prison. As part of the plea agreement, he has agreed to testify against others involved in the scheme, which may or may not result in a more lenient sentence.

iCloud security

Under the online pseudonym “icloudripper4you”, Chi boasted frequently of his ability to break intoiCloudaccounts and exfiltrate the images and videos stored therein.

To gain access to iCloud accounts, Chi masqueraded as a member of the Apple customer support team using a series of fakeemailaccounts. Although the court documentation does not specify, victims were presumably encouraged to hand over their login credentials under false pretences.

The documentation also makes reference to instances in which conspirators themselves provided Chi with the Apple IDs andpasswordsof victims.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Although Chi sold the stolen content to others online, he also maintained a 1TB cloud storage subscription to house a large bank of nude images and footage for his personal collection. In total, this collection is said to have comprised hundreds of thousands of items.

While Chi’s scheme ultimately affected only a tiny fraction of Apple iCloud customers, of which there are thought to be roughly one billion, the duration and sexually-motivated nature of the crime will be cause for concern for many.

TechRadar Proasked Apple for comment on the steps users can take to shield their iCloud accounts from campaigns of this kind, but did not receive an immediate response.

Update:Apple has since provided a link to asupport pagedesigned to help customers recognize phishing messages and other scams.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers

Scotland vs South Africa live stream: how to watch 2024 rugby union Autumn International online from anywhere