It just got even worse for the 101 celebrities whose naked photos were hacked from their iCloud accounts: An analysis of the metadata on Kate Upton’s photos show that her account was hacked using a priece of sofware intended for law enforcement agencies which downloads an entire backup copy of all the files on a target’s iPhone.
The software is called EPPB, or Elcomsoft Phone Password Breaker. It is intended for police departments and government agencies who want to “rip” entire copies of iPhones for evidence. We first saw the story on 9to5Mac, but the full account is on Wired. Here’s the key section:
If a hacker can obtain a user’s iCloud username and password with iBrute, he or she can log in to the victim’s iCloud.com account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages.
… Based on his analysis of the metadata from leaked photos of Kate Upton, he says he’s determined that the photos came from a downloaded backup that would be consistent with the use of iBrute and EPPB. If a full device backup was accessed, he believes the rest of the backup’s data may still be possessed by the hacker and could be used for blackmail or finding other targets.
NOW WATCH: Tech Insider videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.