After private photographs of some of the most famous women in the world were posted online, journalists, PR representatives, and curious internet users scrambled to figure out how a nameless hacker had gained access to the cellphones of the rich and famous.
When shocked internet users on underground forums tracked down the person believed to be behind the leak, his explanation was startlingly simple: iCloud.
After hundreds of private photographs were posted online, many commenters struggled to believe that someone had gained access to Apple's online service. The tech giant's online storage and backup service is praised by the company for its simplicity, that it "just works." And the hack could not have come at a worse time for Apple, which on Tuesday will stage its biggest event of the year: the launch of iPhone 6, a smartwatch, and a new operating system for its Macs, all of which are likely to have new features linked to iCloud.
As leaked photographs continued to be posted online, theories emerged regarding their source. Some suggested that a "brute force" hack recently unveiled by Russian security researchers was to blame, while some internet commenters wondered whether venue Wi-Fi at the Emmy Awards had been compromised. But the truth is far more disturbing: The leaked celebrity photos don't originate from a single hack but instead from a collector who gradually added to his haul over months before suddenly deciding to post it online.
This is the story of that collector, who goes by the screenname "OriginalGuy."
AnonIB: The Offshoot Hacker Community
The anonymous online forum AnonIB launched in May 2006 as an offshoot of the notorious image board 4chan. By mid-2006, 4chan's infamous /b/ forum had become a hostile mess of child pornography, Anonymous hackers, and online trolls. On Aug. 23, 4chan came under a DDoS attack launched by its own users, and many frequent posters left the site to seek alternative message boards. A group of longtime 4chan posters arrived at AnonIB, which offered a near-identical service.
As AnonIB grew in popularity, the site's administrators relaxed the rules. Child pornography and other illegal content were frequently posted on AnonIB, which eventually led to a series of FBI raids on the forum's servers and administrators. After years of upheaval, the site reappeared earlier this year, and the users returned to posting.
iCloud Hacking Ring
As well as hosting vast amounts of pornography, AnonIB also plays host to a ring of skilled hackers who have learned how to obtain naked photographs of women by breaking into iCloud accounts.
The /stol/ board on AnonIB (short for "Stolen" or "Obtained Photos") serves as a global meeting hub for iCloud hackers. Using specialist password-cracking tools and guessing targets' security questions through Apple's iForgot password reset form, AnonIB hackers are consistently able to gain access to iCloud accounts with only an email address.
Once inside, the hackers get to work to extract photographs as quickly as possible, using file-retrieval software to download photo backups.
A data retrieval tool used by iCloud hackers. (anonIB)
"OriginalGuy" The Porn Collector
The leaked celebrity photos weren't the result of a single hack but were instead hoarded over a period of months by one well-connected figure in underworld porn forums. As the Daily Mail reports, AnonIB user "OriginalGuy" has been identified as the source of the leaks, and posts seen by Business Insider on both AnonIB and 4Chan indicate that he has regularly contributed to celebrity porn threads on both sites. But despite knowing the user who leaked the trove of images, we still don't know the identities behind the hackers.
In a post on AnonIB shortly after the main leak of celebrity photos, OriginalGuy explained to other users how he had built up a collection of photos so explosive that image boards were struggling to keep up with page views.
The post above makes it clear that the naked celebrity photographs were assembled over a period of months by a team of collectors who specialized in valuable celebrity pornography.
On Tuesday, Apple released a statement that appears to confirm that the exploit favored by users of AnonIB was used to hack into celebrity iCloud accounts. Within the statement, Apple blames "a very targeted attack on user names, passwords, and security questions, a practice that has become all too common on the Internet."
AnonIB hackers use email addresses, password-cracking software, and weak security questions to hack accounts, making it quite likely that the tactics of the hackers at AnonIB were used to gain access to the celebrity photos.
The Nuclear Option
One of the most puzzling parts of the celebrity photo leak is why OriginalGuy decided to share his collection at all. With a haul built up over months, the collector claimed to have spent his own money on images of big-name celebrities. Why, then, were photos posted online on a quiet Sunday afternoon before Labor Day?
Pornography hoarders often do not possess skills or talents that they can use online, like an ability to hack. Instead, hoarders are defined by the content they keep. One of the internet's most legendary digital hoarders was "Freezer," a poster on invite-only torrent networks who repeatedly taunted other users with details about the rare music he owned. After his death, it was discovered that Freezer had taken his collection to the grave, asking his family in his will to destroy all the tapes. Whether pornography or music, the knowledge that you possess content nobody else does can be a powerful intoxicant.
So if porn collections are so valuable, why did OriginalGuy post his? It seems that OriginalGuy had a sudden realization that his collection wasn't so valuable after all.
Rumors of "major win" had circulated online for weeks before the leak. "Win" is a term used to refer to naked or sexual images of women found through hacking their online accounts. It's possible that part of OriginalGuy's collection had, against his knowledge, been sold to somebody else.
OriginalGuy admitted to paying "a lot via bitcoin" for a portion of the images when they were being traded between celebrity porn collectors on Friday and Saturday. As Deadspin reports, photographs had been shared online for weeks before OriginalGuy purchased them, potentially rendering his collection of little value.
Hours before the photos emerged, posters on AnonIB caught wind of a coming leak of celebrity images. While you might expect pornography fans to react with excitement over such news, many were terrified of what would happen next.
OriginalGuy knew that leaking his collection would have dire consequences for the iCloud hackers at /stol/ and the celebrity porn fans at 4chan. Whether he was angry over discovering that his collection was already online, or disappointed to learn that about 30% of his images were fake, OriginalGuy took to AnonIB on the afternoon before Labor Day to begin sharing his collection.
The Leak
The first site that OriginalGuy visited was AnonIB, his online "home." Censored versions of the leaked photographs were posted first to persuade users to donate Bitcoin to see the full versions.
AnonIB
OriginalGuy seemed aware that his actions were going to bring down the iCloud hackers and celebrity photo-trading ring, remarking that the "bubble" was "going to burst soon." His posts became increasingly frantic as he either expressed frustration over a lack of Bitcoin donations, or thanked users for sending him the digital currency.
After posting photos of Jennifer Lawrence on AnonIB, it seems that OriginalGuy has trouble connecting to the site. Commenting after the hack, OriginalGuy gave insight into what happened as he was leaking the images:
I didn't take the money and run. S--t got weird once I started posting samples. AnonIB must have IP blocked me. I was spending all of my time trying to find proxies, and then when I could get on the site, was being hammered by everyone and I couldn't even post. I got some private requests through email, but none ever came through. People wanted s--t for free. Sure, I got $120 with my Bitcoin address, but when you consider how much time was spent acquiring this stuff (I'm not the hacker, just a collector), and the money (I paid a lot via Bitcoin as well to get certain sets when this stuff was being privately traded on Friday/Saturday) I really didn't get close to what I was hoping for. Mainly because of the extra Bitcoin spammers spamming their own address ... I proved I had s--t, but people wanted more and more for free ... When I posted samples, someone was tracking me, trying to find me. My ISP kept cutting out. Weird emails were coming in. It kinda freaked me out and I had to leave for a couple of hours.
It's unclear whether OriginalGuy then visited 4chan to continue posting his images, or whether someone else with access to the collection, sensing that OriginalGuy had decided to cash in, began posting instead. Either way, once the images appeared on the more popular message board, the leak quickly attracted thousands of internet users. A Reddit live thread was created to catalogue and archive the images as they appeared, although it later buckled under the traffic it received.
The Aftermath
After Original Guy "dumped" his collection, many experienced iCloud hackers and celebrity photo traders declared the industry over. Following the hack, posters on AnonIB discussed the repercussions for their industry.
While iCloud hackers might believe that their exploit will be closed, Apple has yet to make changes to the iForgot password reset system. OriginalGuy never returned to leak more of his collection, perhaps realizing that his postings on underground web forums were attracting widespread attention. And as for AnonIB, the site remains live, and iCloud hackers are continuing to advertise their skills to users looking to steal naked photographs of women on the internet.
No comments:
Post a Comment