Hacker who targeted celebrity Apple and Google accounts sentenced six months in prison
An Oregon man who earlier this year pleaded guilty to hacking into Apple and Google email accounts, including a number owned by unnamed celebrities, was sentenced to six months in prison this week.
In February, Andrew Helton pleaded guilty to stealing some 161 personal photos from 13 people after waging a two-year phishing campaign for user credentials, reports Los Angeles Times. U.S. District Judge John A. Kronstadt handed down the sentence on Thursday.
Details of Helton's technique were not disclosed, though prosecutors said victims received account verification emails they believed were from Apple and Google. The messages included a link to a malicious webpage posing as a legitimate account login portal. From 2011 until his arrest in 2013, Helton used the scheme to gain login and password information for 363 email accounts, including prominent individuals in the entertainment industry.
In a court filing seen by ABC News, U.S. Attorney Stephanie S. Christensen said the hacker "targeted, baited, and hooked" strangers, acquaintances and celebrities, with an endgame of gleaning nude and intimate images "for personal use." The pictures never made their way into the public realm, court documents said.
Helton said he regrets his actions, explaining that a bipolar disorder triggered the phishing attack. Court documents show Helton has been in treatment for the mental disorder since his arrest.
Helton's case predates the high-profile iCloud and Google account hack dubbed "Celebgate," so named for the resulting leak of nude photos stolen from celebrities like Jennifer Lawrence and Kate Upton. Two men who pleaded guilty to perpetrating the wide-ranging phishing scheme said they also used phony emails to trick targets into providing login credentials, but for cloud storage services run by Apple and Google.
In February, Andrew Helton pleaded guilty to stealing some 161 personal photos from 13 people after waging a two-year phishing campaign for user credentials, reports Los Angeles Times. U.S. District Judge John A. Kronstadt handed down the sentence on Thursday.
Details of Helton's technique were not disclosed, though prosecutors said victims received account verification emails they believed were from Apple and Google. The messages included a link to a malicious webpage posing as a legitimate account login portal. From 2011 until his arrest in 2013, Helton used the scheme to gain login and password information for 363 email accounts, including prominent individuals in the entertainment industry.
In a court filing seen by ABC News, U.S. Attorney Stephanie S. Christensen said the hacker "targeted, baited, and hooked" strangers, acquaintances and celebrities, with an endgame of gleaning nude and intimate images "for personal use." The pictures never made their way into the public realm, court documents said.
Helton said he regrets his actions, explaining that a bipolar disorder triggered the phishing attack. Court documents show Helton has been in treatment for the mental disorder since his arrest.
Helton's case predates the high-profile iCloud and Google account hack dubbed "Celebgate," so named for the resulting leak of nude photos stolen from celebrities like Jennifer Lawrence and Kate Upton. Two men who pleaded guilty to perpetrating the wide-ranging phishing scheme said they also used phony emails to trick targets into providing login credentials, but for cloud storage services run by Apple and Google.
Comments
Like that doesn't sound 'convenient'?
Let's blame a medical condition that you only start treatment for after you have been caught.
He should have got a stronger sentence IMHO. Not much of a disincentive to others is it really...
He had a bi-polar episode that lasted two years, forcing him to engage in phishing attacks? Maybe the judge should have a psych-eval. It's not clear to me if he was convicted of a felony or just charged with one. He should have been sentenced to a year and a day.
The inmates are running the asylum.
why does getting treatment after he's caught seem "convenient" to you? Getting caught probably incentivized him to accept that his behavior was a serious enough problem that it had to be addressed. People don't change unless they see personal benefit to it. Self worth, or more control over their experiences and their consequences... Whatever the motivator, has to come from inside and be based on self-benefit.
Overall, I'm surprised that he got as lenient a sentence as six months. It's almost reasonable, and I'm not used to seeing reasonable sentencing in news stories. Especially when people like to throw the word "terrorist" on every security violation. I almost wonder if it's a bit too lenient. Is he going to be barred from having access to networked computers or anything like that as a parole condition?
Either that or the DA is not standing for re-election in November.
IMHO, Politicans should not be lawyers.
A Psych reval? "I know you know that I'm not telling the truth"!