You are hereBlogs / dlindorff's blog / No! Your data is not safe!: Hackers Used Government Spyware to Data-rob iCloud

No! Your data is not safe!: Hackers Used Government Spyware to Data-rob iCloud


By dlindorff - Posted on 04 September 2014

By Alfredo Lopez


One sensationally reported incident this week exposes a dual threat: your data isn't safe on a corporate-controlled "cloud" and spying software made for police and government agencies makes it completely accessible.

The leaking of celebrities' photos, most compromising and some nude, from Apple's iCloud storage system shows how silly we can be about nudity and celebrity and what our media thinks is important in the world. These were self-shot photos nude people and nudity is something we can all see in the mirror!

There is, however, a very important point to the entire affair and, unlike the naked photos, it's worth talking about.

Apparently, according to Apple, this wasn't a breach; there was no break-down in the security system for the company's giant storage service. Instead, the hackers used what is called a "brute force attack" -- a password-guessing method that uses software readily available to hackers to guess and test passwords to access a private account.

In the last couple of days, however, experts have become almost sure that the software used to capture the iCloud user data is a program designed for use by police and government surveillance. The program is called EPPB or Elcomsoft Phone Password Breaker and it's made by a Russian outfit called Elcomsoft. Elcomsoft specializes in selling it to government authorities but it will sell it to anyone willing to pay the price. Apparently these hackers got a hold of that program and maybe, indeed, have done so through legal purchase.

The scenario goes like this: a hacker uses a program called iBrute which is a brute-force password guessing program for the iPhone. Yeah, there is actually such a program. It's available free on line. With that, you can acquire certain types of information. But if you manage to get the user's password with iBrute, you can then use EPPB to capture the user's entire storage -- everything they have on the iCloud and nobody will know.

The instructions appear on hacker message boards. "Use the script to hack her passwd...use eppb to download the backup," wrote a hacker on the Anon-IB message board (or forum). "Post your wins here ;-)" That's what they call data theft: "wins".

This appears to be what these hackers did and, as of this writing, they're still doing it. Data is currently still being stolen from iCloud. Apple appears unable to stop it.

The company points out that it offers a two-part verification system; you need to get a code emailed to you in addition to your username/password. This means that most people really aren't vulnerable, it says. Apple called the hack "very targeted" to a few celebrities and claimed it had ended. Given the information about EPPB and the continuous theft of data from iCloud accounts, that statement seems highly questionable...


For the rest of this article by ALFREDO LOPEZ in ThisCantBeHappening!, the new independent, uncompromising, four-time Project Censored Award-winning online alternative newspaper, please go to: www.thiscantbehappening.net/node/2439

Speaking Events

2016

 

March 24, Boone, NC.

 

March 25, Asheville, NC
Battery Park Apartments, 1 Battle Square, rooftop room, noon - 2 p.m.
Sign up on FB.

 

War Is A Lie: Second Edition
Published April 5, 2016
Tour begins here:

April 11, Washington, DC, 6:30-8:00 p.m. at Busboys and Poets at 5th and K Streets.
Sign up on FB.

 

April 12, Baltimore, MD, 7:30 p.m. at Red Emma's.
Sign up on FB.

 

April 14, Bellingham, WA, 7:00-9:00 p.m. at Bellingham Unitarian Fellowship.
Sign up on FB.

 

April 15, Seattle, WA
Town Hall Seattle
1119 Eighth Ave (8th and Seneca) 
Seattle, WA 98101
7:30pm
Sign up on FB.

 

April 16 Portland, OR

 

April 24, Oneonta, NY at Unitarian Universalist Society of Oneonta.
5:30 discussion with students.
7:00 talk and Q&A with everyone.
Sign up on FB.

 

May 28, San Francisco, CA
11 a.m. to 1 p.m., David Swanson interviewed by Daniel Ellsberg, at San Francisco Main Public Library, 100 Larkin Street.
Sign up on FB.



May 28, Marin County, CA
4 to 6 p.m., David Swanson in conversation with Norman Solomon, at Book Passage, 51 Tamal Vista Blvd., Corte Madera, CA
Sign up on FB.



May 29, Oakland, CA
3 to 4 p.m., David Swanson interviewed by Cindy Sheehan, at Diesel: A Bookstore, 5433 College Avenue at Kales (near Manila), Oakland, CA
Sign up on FB.



May 29, Berkeley, CA
7:30 to 9 p.m., David Swanson and Cindy Sheehan at Berkeley Fellowship of Unitarian Universalists, sponsored by the Social Justice Committee and Cynthia Papermaster, 1606 Bonita Ave. (at Cedar), Berkeley, CA
Sign up on FB.



May 30, Fresno, CA
2 to 4 p.m., David Swanson and Cindy Sheehan at a Peace Fresno event

 


June 11 St. Paul, MN, 6 p.m. at Macalester Plymouth Church Social Hall 1658 Lincoln, St. Paul, MN.
Sign up on FB.

 

June 12 Minneapolis, MN, 9 and 11 a.m. at St. Joan's 4533 3rd Ave So, Minneapolis, MN, plus peace pole dedication at 2 p.m.
Sign up on FB.

 

Other Events Here.

CHOOSE LANGUAGE

Support This Site

Donate.

Get free books and gear when you become a supporter.

 

Sponsors:

Speaking Truth to Empire

***

Families United

***

Ray McGovern

***

Financial supporters of this site can choose to be listed here.

Buy Books

Get Gear

The log-in box below is only for bloggers. Nobody else will be able to log in because we have not figured out how to stop voluminous spam ruining the site. If you would like us to have the resources to figure that out please donate. If you would like to receive occasional emails please sign up. If you would like to be a blogger here please send your resume.
CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.