A 40-year-old California resident impersonated Apple customer service for 3 years in order to break into young women's iCloud accounts in search of naked photos.
The creepy story, reported by the Los Angeles Times on August 23, 2021, takes place in La Puente, California. On May 19, 2021, the FBI rang the doorbell of a 40-year-old man, Hao Kuo Chi, with a search warrant. Chi, who also goes by David, faces up to 5 years in prison for offenses to which he is pleading guilty.
For more than 3 years, this forty-something had been involved in a network that stole and shared naked images (commonly called “nudes”) of young women. Between his own haul and what he obtained in exchanges, he got his hands on more than 620,000 photos and 9,000 videos, retrieved from thousands of iCloud accounts, Apple’s online storage service.
Authorities identified him following a private investigation. A company specializing in removing celebrity photos from the Internet had found naked photos of a local Tampa celebrity on a pornographic site. The victim had taken them on an iPhone that was backed up to iCloud. It was from the logs (the connection history) of this anonymous victim's cloud storage that investigators traced the activity back to Hao Kuo Chi’s address.
Simple phishing, thousands of thefts
To access the victims’ iCloud accounts, the cybercriminal did not use a complicated hack, but simple phishing emails: he repeatedly confessed to impersonating an Apple customer service employee. His messages, sent from addresses like “applebackupicloud” and “backupagenticloud”, were intended to trick victims into giving him their Apple ID and password. In the jargon, this is called typosquatting: the thug uses an address filled with keywords that could plausibly appear in the address of the organization or person he is imitating.
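A defender-side check for the sender pattern described above, as an added example that is not part of the original article: it flags a From header whose display name, local part or domain carries Apple keywords while the sending domain is not an Apple one. The keyword list, the allow-list of domains and the `.example` sample domains are assumptions made for the illustration; the article gives only the two address names.

```python
from email.utils import parseaddr

# Assumptions for this illustration: keywords to watch for and the domains
# the brand legitimately sends from. Tune both for your own mail flow.
BRAND_KEYWORDS = ("apple", "icloud")
LEGIT_DOMAINS = ("apple.com", "icloud.com")


def domain_is_legit(domain):
    """True only for an allowed domain or a genuine subdomain of one."""
    domain = domain.lower().rstrip(".")
    # Match on a label boundary so a domain that merely ends in the
    # string "apple.com" does not pass.
    return any(domain == d or domain.endswith("." + d) for d in LEGIT_DOMAINS)


def impersonation_reasons(from_header):
    """Return a list of reasons the From header looks like brand spoofing."""
    display, addr = parseaddr(from_header)
    local, _, domain = addr.rpartition("@")
    if not local or not domain:
        return ["unparseable sender address"]
    if domain_is_legit(domain):
        return []
    parts = {"display name": display, "local part": local, "domain": domain}
    return [
        f"'{kw}' in {where} but sender domain is {domain}"
        for kw in BRAND_KEYWORDS
        for where, value in parts.items()
        if kw in value.lower()
    ]


# Constructed sample headers. The two local parts are the ones quoted in the
# article; every domain here is a placeholder.
SAMPLES = [
    "Apple Support <applebackupicloud@mail.example>",
    "backupagenticloud@mail.example",
    "Apple <noreply@email.apple.com>",
    "iCloud Team <id@apple.com.login.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        reasons = impersonation_reasons(header)
        print("FLAG" if reasons else "ok  ", header)
        for reason in reasons:
            print("     -", reason)
```

A keyword match like this is a triage signal to combine with SPF, DKIM and DMARC results, not a verdict on its own.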
Once he had the credentials, Mr. Chi downloaded the images stored in the online space. Any naked photo was stored in a separate folder, under the code name “victories”, and then shared with the entire network on an encrypted messaging service. Questioned by the press, the defendant says that he does not know the true identity of his partners in crime. But he admitted to at least 306 victims in the United States, mainly young women.
The case gets darker still: the thug did not choose his victims at random. He did so, in more than two-thirds of cases, at the request of people he met online. Under the nickname “iclouddripper4you” (which could be translated as “the iCloud leaker for you”), the 40-year-old presented himself on forums and offered his services as a “hacker” of iCloud accounts. His associates would ask him to hack a particular account, and the cybercriminal would send them a copy of the content on Dropbox.
By pleading guilty, Chi hopes that the case will “not ruin his whole life”, asserting that he “regrets what he did” and recalling that he “has a family”. The FBI, for its part, specifies that he sent more than 500,000 emails and is believed to have recovered 4,700 pairs of credentials for iCloud accounts, a figure much higher than the one he confessed to.