In a latest statement issued by Apple regarding the iCloud breach, Apple has admitted that their service was hacked. They call it a “very targeted attack on user names” and blames the victims for using poor passwords.
“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet,” Apple stated on a press release. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud(R) or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”
However, according to a report from the Wired, a hacking tool was used to breach into celebrity iCloud accounts and it is still being used to hack more and more accounts. The report suggests that this tool called EPPB or Elcomsoft Phone Password Breaker, which was originally designed for Police use for hacking bad guys’ iPhones, is now available as a customized version through Github. The tool, now called iBrute, allows users to acquire passwords to iCloud accounts via Find My Phone service and access the content as the user.
Read Also: Dangers of Hacking and How to Protect Yourself from Cyber Attacks
Even though Apple denied any breach in their systems, the company has already issued a patch to Find My Phone API. Sadly, it hasn’t slowed down the hackers. It is still Fappening. The timing of this incident couldn’t have been worse, since Apple is planing to release next-gen iPhone’s in just a few days.
(All images, trademarks shown on this post are the property of their respective owners)
Follow @nrjperera – Roshan Jerad Perera
