Apple patches Find My iPhone vulnerability

iPhone maker responds to reports that celebrity accounts were hacked

Apple has patched the security flaw that allowed a number of celebrities' private pictures to be leaked online.

The code vulnerability allowed hackers to shoot password attempts at the Find my iPhone application repeatedly until they were able to get the right one, without being locked out.

The criminals had to use the victims' usernames or registered emails, but these are widely available on the internet so wouldn't have been much of a challenge for hackers.

Advertisement - Article continues below

925Mac said: "It's worth noting that the vulnerability did not allow access to iCloud passwords, it only permitted repeated guesses or an automated dictionary attack. In order for it to succeed, relatively weak passwords would need to have been used on the accounts accessed."

According to reports, the accounts of Jennifer Lawrence, Ariana Grande, Victoria Justice, Kate Upton, Kim Kardashian, Rihanna, Kirsten Dunst and Selena Gomez were all hacked, although not all the individuals involved have confirmed their accounts were compromised, or the pictures leaked online were genuine.

The pictures were posted on bulletin-board 4chan where the owners demanded Bitcoins for its users to view the pictures. The posters said they had managed to access up to 100 female actresses and singers, but all the posts have now been removed by the site.

Advertisement
Advertisement - Article continues below

Just a couple of days ago, a proof-of-concept for this brute-force hack was leaked on code-hosting site GitHub, giving instructions on how to carry it out.

Although no one has officially linked the two incidents together, it's thought the hackers may have used the same method to get access to the private pictures.

The news comes just a week before Apple is due to announce its iPhone 6 smartphone on 9 September. 

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/mobile/mobile-phones/355819/iphone-11-is-now-the-worlds-most-popular-smartphone
Mobile Phones

iPhone 11 is now the world’s most popular smartphone

28 May 2020
Visit/mobile/mobile-phones/355761/apples-ios-135-update-targets-coronavirus-related-iphone-issues
Mobile Phones

Apple’s iOS 13.5 update targets coronavirus-related iPhone issues

22 May 2020
Visit/mobile/mobile-phones/355747/apple-reportedly-delaying-iphone-12-launch-until-october
Mobile Phones

Apple reportedly delaying iPhone 12 launch until October

21 May 2020
Visit/mobile/mobile-security/355702/fbi-and-justice-department-accuse-apple-of-stalling-terrorist-probe
mobile security

FBI and Justice Department accuse Apple of stalling terrorist probe

19 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020