Former high school teacher used Elcomsoft software in 'Celebgate' hack

Posted in General Discussion, edited October 2018
A Virginia man on Monday pleaded guilty for his part in accessing, and attempting to access via phishing, more than 200 iCloud, Yahoo and Facebook accounts, some of which belonged to Hollywood celebrities.

The U.S. Attorney for the Eastern District of Virginia said Christopher Brannan, 31, of Richmond pleaded guilty to unauthorized access to a protected computer and aggravated identity theft, crimes punishable by a maximum of seven years in prison.

According to court documents, Brannan, a former teacher at Lee-Davis High School, gained unauthorized access to iCloud backups, personal photographs and other data by answering email account security questions using information gleaned from Facebook.

Brannan also used typical phishing schemes to obtain username and password information for target accounts. Specifically, email messages resembling legitimate correspondence from Apple security personnel were sent to victims in a bid to gain access to their internet accounts.

Unlike previous "Celebgate" hackers who relied mainly on first-party tools and internet clients to access target iCloud accounts, Brannan also utilized third-party products from Elcomsoft. The specialized forensics software was employed to download entire iCloud accounts from Apple servers, which were subsequently combed through for private photographs and video, including nude photos.

Whether Brannan disseminated the ill-gotten goods to other individuals, or merely stockpiled the content for personal use, is unknown at this time.

In 2014, a cache of nude photos and video belonging to prominent entertainment industry figures circulated through the dark web before making its way into the public sphere via file sharing protocols like BitTorrent.

Dubbed "Celebgate," the incident was incorrectly blamed on an iCloud security breach. Apple denied the claims and further investigation revealed the images were procured through simple social engineering.

Brannan was charged in April and is due for sentencing on Jan. 25, 2019. Parties involved in the case have entered a non-binding recommendation that he be jailed for 34 months.

A number of hackers have been named, charged and sentenced as a result of an FBI investigation into the scandal. Last year, an Illinois man was sentenced to 9 months in prison for a phishing attack targeting more than 300 iCloud and Gmail accounts. Prior to that, a Pennsylvania man was sentenced to 18 months in prison for accessing 50 iCloud accounts and 72 Gmail accounts.

Most recently, a Connecticut man was sentenced in August to eight months in prison, followed by three years of supervised release, for instigating a phishing attack on more than 200 iCloud accounts.

Comments

  • Reply 1 of 7
    So roughly one day per account. Doesn’t sound like much....
  • Reply 2 of 7
    Penalties for phishing need to be much more severe. Make the prison terms years, not months.
  • Reply 3 of 7
    Rayz2016 Posts: 4,556 member
    People and Facebook: when will they learn?

    Also:

    Specifically, email messages resembling legitimate correspondence from Apple security personnel were sent to victims in a bid to gain access to their internet accounts.

    🤦🏾‍♂️


  • Reply 4 of 7
    Apple Exposed Posts: 15 unconfirmed, member
    I'm sure "Yahoo" and "Facebook" will be omitted from articles and "Apple hacked" will replace "phishing".

    Thanks AI for at least being honest.
  • Reply 5 of 7
    MacPro Posts: 17,892 member
    Apple Exposed said:
    I'm sure "Yahoo" and "Facebook" will be omitted from articles and "Apple hacked" will replace "phishing".

    Thanks AI for at least being honest.
    Exactly.  Sadly, the two terms are now interchangeable in the minds of the great unwashed.
  • Reply 6 of 7
    MacPro Posts: 17,892 member
    Rayz2016 said:
    People and Facebook: when will they learn?

    Also:

    Specifically, email messages resembling legitimate correspondence from Apple security personnel were sent to victims in a bid to gain access to their internet accounts.

    🤦🏾‍♂️


    Never, it seems. The same friends send me copies of emails they dare not open almost daily. I have lost count of the times I have pointed out Apple (or anyone else) would never send an unsolicited email that asks for your username and password, plus showing them the drop-down menu of the sender's account showing it was from [email protected] or similar.
  • Reply 7 of 7
    One thing that companies (including Apple) could do to help combat phishing is to stop hiding e-mail addresses by default in their e-mail software. Whatever benefit you get from not seeing the address of the person who wrote to you is easily counteracted by the added security. I know addresses can be spoofed and links can be used to eliminate the need for a valid reply-to address, but the benefit of not seeing return addresses really seems pretty minimal.