Scammer Infiltrated Thousands of iCloud Accounts to Find Nude Photos

by

A criminal from Los Angeles has pled guilty to felony charges after breaking into thousands of iCloud accounts to hunt down nude photos of women, reports The Los Angeles Times.

iCloud General Feature
Hao Kuo Chi collected more than 620,000 private photos and videos by impersonating Apple customer support staff and sending out emails to trick his victims into providing Apple IDs and passwords. Chi used social engineering and phishing schemes to coerce his victims, and he did not breach Apple's ‌iCloud‌ protections.

Chi accessed photos and videos from at least 306 victims across the United States, and most of them were young women. Some of the victims were attacked at the request of people that Chi met online after he marketed himself as "icloudripper4you," a service that could break into ‌iCloud‌ accounts to steal photos and videos.

His unknown co-conspirators would ask Chi to hack a specific ‌iCloud‌ account, and he would respond with a Dropbox link. Chi operated two Gmail addresses "applebackupicloud" and "backupagenticloud," where the FBI found more than 500,000 emails with approximately 4,700 ‌iCloud‌ user IDs and passwords that he had been sent from his victims.

Chi's scam fell apart after he hacked the ‌iCloud‌ account of an unnamed public figure in March 2018 and the photos ended up on pornographic websites. The FBI launched an investigation, and found that a log-in to the victim's ‌iCloud‌ account had come from Chi's home.

Chi has pled guilty to one count of conspiracy and three counts of gaining unauthorized access to a protected computer, and he now faces up to five years in prison for each crime. In a phone call with The Los Angeles Times, Chi said that he was "remorseful" for what he did, but claimed he had a family to support. He said that he was afraid public exposure of his crimes would "ruin [his] whole life."

The unauthorized ‌iCloud‌ access perpetrated by Chi is similar to a 2014 attack that saw hackers gain access to celebrity iCloud accounts through their username and password.

After that incident, Apple bolstered ‌iCloud‌ account security, offering two-factor authentication and sending emails whenever there's a new login to an ‌iCloud‌ account. The people involved in Chi's attack likely did not have two-factor authentication enabled.

Apple recommends two-factor authentication for all Apple IDs to add extra security, and it offers a support document on how to avoid phishing schemes like the one used by Chi.

Tag: iCloud
Related Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+

Top Rated Comments

ComRadMac Avatar
ComRadMac
13 months ago
"he was afraid public exposure of his crimes would "ruin [his] whole life."

Yes, that is the plan. Let's hope it works.
Score: 47 Votes (Like | Disagree)
JMacHack Avatar
JMacHack
13 months ago

uploading nudies to iCloud has got to be the most moronic computer activity a person can do
Incorrect, giving out the password to your cloud-hosted nudies is more stupid.
Score: 28 Votes (Like | Disagree)
iObama Avatar
iObama
13 months ago
"I had a family to support."

Wonder what they're gonna do now that you're in prison, *******.
Score: 26 Votes (Like | Disagree)
daved2424 Avatar
daved2424
13 months ago
To all the smart alecs on here, not everyone is as tech savvy as you and I. It is an unfortunate fact that some people are easy targets. Victim blaming is not big and it’s not clever, no matter how “dumb” you think the victims are.

Chances are though, they have better interpersonal skills than the lot you and are quite likely just nicer human beings.
Score: 26 Votes (Like | Disagree)
LukeDizzle Avatar
LukeDizzle
13 months ago
Link?

Asking for a friend
Score: 19 Votes (Like | Disagree)
Le Big Mac Avatar
Le Big Mac
13 months ago
At least 620,000 photos/videos of people having sex have been uploaded to iCloud? Come on people!
Score: 17 Votes (Like | Disagree)
Read All Comments

Related Stories

macos big sur ios 14 iphone 12 pro macbook air icloud drive desktop documents hero

Apple Merging 'iCloud Documents and Data' Service With iCloud Drive in May 2022

Tuesday May 11, 2021 2:36 am PDT by
Apple plans to merge its iCloud Documents and Data service with iCloud Drive starting in May of 2022, according to a support document published late last week (via MacGeneration). iCloud Drive and iCloud Documents and Data share the fundamental ability to backup data from apps. However, iCloud Documents and Data was often a cumbersome, confusing experience. In contrast, iCloud Drive is more...
Read Full Article96 comments
iOS 15

Apple Releases iOS 15.4 and iPadOS 15.4 With Face ID Mask Unlock, New Emoji, Universal Control, and More

Monday March 14, 2022 9:45 am PDT by
Apple today released iOS 15.4 and iPadOS 15.4, the fourth major updates to the iOS and iPadOS 15 operating systems that were released in September 2021. iOS and iPadOS 15.4 come a month after the launch of iOS 15.3.1 and iPadOS 15.3.1. The iOS 15.4 and iPadOS 15.4 updates can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To...
Read Full Article216 comments
icloud mail redesign

Web-Based iCloud Mail Redesign, Hide My Email, and Custom Domain Features Now Live

Monday September 20, 2021 1:00 pm PDT by
Alongside the launch of iOS 15, iPadOS 15, tvOS 15, and watchOS 8, Apple has also pushed an update for its iCloud.com website, introducing a new look for iCloud Mail that's viewed on the web. The new web-based iCloud Mail design looks similar to the Mail apps on devices running iOS 15, iPadOS 15, and the beta version of macOS Monterey. It is a cleaner and more streamlined look than the prior ...
Read Full Article64 comments
tmobilelogo

T-Mobile Says iOS 15.2 Bug Turning Off iCloud Private Relay for Some Users

Tuesday January 11, 2022 12:02 pm PST by
T-Mobile has not disabled iCloud Private Relay for its subscribers, in contrast to recent reports suggesting the carrier was preventing iPhone users from enabling the feature. In a statement to Bloomberg's Mark Gurman, T-Mobile said that iOS 15.2 device settings that default to the feature being toggled off, and that Apple has been contacted. T-Mobile explicitly says that iCloud relay has...
Read Full Article44 comments
icloud private relay unavailable

iCloud Private Relay Down for Some Users

Wednesday November 3, 2021 12:35 pm PDT by
Apple's iCloud Private Relay option is not working for some users, according to Apple's System Status page. The feature is experiencing an outage and is unavailable at the current time. According to Apple, the outage started at 11:40 a.m. Pacific Time and it is ongoing. Those who are having iCloud Private Relay issues may have received a notification letting them know that the feature is...
Read Full Article81 comments
custom email domain mail ios 15 4

iOS 15.4 Beta Adds Support for Setting Up Custom Email Domains With iCloud Mail

Thursday January 27, 2022 5:25 pm PST by
The iOS 15.4 beta that was introduced today expands support for the custom email domain feature available for iCloud+, adding an option to set up a custom domain with iCloud Mail directly on the iPhone. If you go to Settings > Apple ID > iCloud, "iCloud Mail" is now a tappable option and it includes a section for setting up a Custom Email Domain. Prior to now, custom domains were able to...
Read Full Article79 comments
iCloud Bug Feature Green

Developers Unhappy With Bug Causing iCloud Unreliability

Monday January 24, 2022 10:15 am PST by
A number of developers are upset with an increasingly problematic iCloud server issue that is causing some apps that have implemented iCloud support to fail to sync properly. As outlined on the Developer Forums and on Twitter, there are CloudKit connectivity issues that have been occurring since November. Some users of apps that have iCloud support built in are seeing the following message:...
Read Full Article163 comments
safari icon blue banner

Safari Will No Longer Save Passwords Without Usernames in iOS 15.4

Wednesday February 16, 2022 10:06 am PST by
In the iOS 15.4, iPadOS 15.4, and macOS Monterey 12.3 betas, Apple has added a minor quality of life improvement to the way Safari saves passwords. At the current time, Safari will gladly save a password without a username, which can lead to confusion later, but that's no longer the case in the beta updates. When you are prompted to save a password to iCloud Keychain in iOS 15.4, iPadOS...
Read Full Article56 comments

Popular Stories

Apple Watch Series 7 Starlight Midnight

Standard Apple Watch Series 8 Rumored to Feature Same Design as Series 7

Friday August 5, 2022 7:46 am PDT by
The standard 41mm and 45mm models of the Apple Watch Series 8 will feature the same design as the Apple Watch Series 7, according to Twitter user @ShrimpApplePro, who was first to reveal that iPhone 14 Pro models would feature a new pill-and-hole display. Titanium will not be an option for the standard Apple Watch Series 8 models either, according to @ShrimpApplePro, but Bloomberg's Mark...
Read Full Article200 comments
cook sept 2020 event

Gurman: Apple Preparing Pre-Recorded iPhone 14 and Apple Watch Series 8 Event

Sunday August 7, 2022 6:13 am PDT by
Apple has "started to record" its virtual September event, where it's expected to announce the upcoming iPhone 14 lineup, the Apple Watch Series 8, and a new "rugged" Apple Watch model, according to Bloomberg's Mark Gurman. Writing in his latest Power On newsletter, Gurman says the event, which is expected to take place in the early part of September, is already under production, implying...
Read Full Article90 comments
iPhone 14 Pro Purple Front and Back MacRumors Exclusive

Five iPhone 14 Rumors You May Have Missed

Thursday August 4, 2022 6:05 am PDT by
With August upon us, the countdown is officially on. We're just weeks away from when we're expecting Apple to announce the iPhone 14 lineup. Rumors of the next iPhone start early in the year, and as a result, some details about the upcoming device sometimes get lost in the crowd. Exclusive MacRumors iPhone 14 Pro renders by graphic designer Ian Zelbo To help MacRumors readers, we've created a ...
Read Full Article97 comments
banish safari app pop ups

New iOS App Blocks Those Annoying 'Open in App' Pop-Ups in Safari

Friday August 5, 2022 2:47 am PDT by
You've probably experienced visiting a website like Reddit or LinkedIn on your iPhone only to be greeted with an annoying, almost full-screen pop-up urging you to view the content in their app instead of on the website. It's a common practice for websites that have accompanying iOS apps to push users to open (if they already have the app installed) or download their app from the App Store to ...
Read Full Article109 comments
top stories 7aug22

Top Stories: iPadOS 16 Delayed, iPhone 14 Pro Rumors, Studio Display Speaker Issues

Saturday August 6, 2022 6:00 am PDT by
The big Apple news this week was word that the upcoming iPadOS 16 update apparently won't be arriving alongside its counterpart update for the iPhone in September, largely due to a need to continue refining the new Stage Manager multitasking feature. Other popular stories this week included more hints about the iPhone 14 Pro's rumored always-on display, potential design leaks for the...
Read Full Article24 comments