News

The Reason of Jennifer Lawrence Nude Photo Leaking

2014-09-09

Recently, the leaking of hundreds of nude photographs of Hollywood celebrities through Apple iCloud vulnerabilities cast extensive attention and discussion. Dozens of private photos of celebrities including Jennifer Lawrence, Victoria Justice, Emily Browning, Kate Bosworth, Jenny McCarthy, Kate Upton have been leaked maliciously.

 

Allegedly, many believed that the hacker uses unlimited password guessing breach in Apple's Find My iPhone function to gain access to celebrities' iCloud account information. Hackers can take advantage of "brute force" service with certain tools to gain access to users' iCloud accounts. Once the user's username and password are compromised, attackers can randomly access all services provided by Apple.

 

However, Baidu Antivirus security experts added that Apple denied any breaches in iCloud or Find My iPhone system that connected to the leak. It said that nude photos of celebrities like Jennifer Lawrence were leaked because certain celebrity accounts were compromised by a very targeted attack on usernames, passwords and security questions. After having gained access to celebrities' accounts, they leaked the private photos and videos to the public.

 

To protect against this type of attack,Baidu Antivirus security experts advise all users to always use a strong password and enable two-step verification. Both of these are addressed on Apple website at 
http://support.apple.com/kb/ht4232. 

 

Baidu Antivirus Security Center also alerts users to watch out Apple account related phishing attacks besides the leak of iCloud account due to brute force service and do not enter iCloud username and password on unfamiliar websites.


Network attacks behind the hot issue:

 

There are always series of network attacks behind every hot issue and Baidu Antivirus security experts have noticed that attackers were trying to use this leak event to spread malicious programs.

 

Case 1: Spread via files of nude photos

For example, downloading The.Fappening.zip will guide users to download an ad downloader named The_Fappening_zip.exe

 


Case 2: Spread fake player files via twitter

 

Finally, Baidu Antivirus security experts stressed:

 

No personal information can be absolutely safe on the internet. All the information inside your iPhone such as calls, text messages and photos could been compromised.

 

Sensitive users should shut down the Auto-Sync function in iCloud and use more powerful username and password as well as enable the two-step verification function to enhance the account security. Users that have already stored important information in the cloud should delete related files from iCloud to avoid further unknown risks. Files that need to be uploaded to the cloud must be locally encrypted before uploading.

 

Currently, Baidu Antivirus users can protect against all types of Apple ID phishing sites just by enabling full protection. It is recommended that the other users download the latest version of Baidu Antivirus and enable the full protection feature to avoid financial loss.

 

Baidu Antivirus official site: http://antivirus.baidu.com 

Baidu Antivirus official Facebook: https://www.facebook.com/BaiduAntivirusEN