
Apple patches Find My iPhone vulnerability

iPhone maker responds to reports that celebrity accounts were hacked

Apple has patched the security flaw that allowed a number of celebrities' private pictures to be leaked online.

The vulnerability allowed hackers to fire password attempts at the Find My iPhone application repeatedly, without being locked out, until they hit the right one.

The criminals had to use the victims' usernames or registered emails, but these are widely available on the internet, so finding them wouldn't have been much of a challenge for hackers.

9to5Mac said: "It's worth noting that the vulnerability did not allow access to iCloud passwords, it only permitted repeated guesses or an automated dictionary attack. In order for it to succeed, relatively weak passwords would need to have been used on the accounts accessed."

According to reports, the accounts of Jennifer Lawrence, Ariana Grande, Victoria Justice, Kate Upton, Kim Kardashian, Rihanna, Kirsten Dunst and Selena Gomez were all hacked, although not all the individuals involved have confirmed that their accounts were compromised, or that the pictures leaked online were genuine.

The pictures were posted on the bulletin board 4chan, where the owners demanded Bitcoins from users who wanted to view the pictures. The posters said they had managed to access up to 100 female actresses and singers, but all the posts have now been removed by the site.

Just a couple of days ago, a proof-of-concept for this brute-force hack was leaked on code-hosting site GitHub, giving instructions on how to carry it out.

Although no one has officially linked the two incidents, it's thought the hackers may have used the same method to get access to the private pictures.

The news comes just a week before Apple is due to announce its iPhone 6 smartphone on 9 September. 
