
Apple: iCloud not to blame, celebrities fall victim to targeted attacks

Apple has published details of its investigation into the high-profile incident involving the theft of personal images from celebrities' iDevices. According to the company's specialists, the celebrities fell victim to so-called targeted attacks that relied on phishing messages. In this scenario, the attacker sends a specially crafted email to the victim's email address and invites them to provide their Apple ID password, which is then used to access the account. Such emails may use a variety of subjects to deceive users. It also means that the attackers did not use an iBrute-type tool to exploit a service vulnerability through the Find iPhone API (the vulnerability has been closed). iBrute uses brute-force search. Meanwhile, new problems with the security of Apple's services have come to light.



As an additional security measure to protect accounts, Apple recommends using two-factor authentication (2FA), which only recently became available to Russian users. 2FA requires an additional confirmation of access to the account (for example, an SMS message) even when the user or an attacker knows the account's login and password. But 2FA has a significant flaw: it does not protect the so-called "Photo Stream", i.e., an attacker who has the Apple ID and password in hand can get access to the user's private photos even with 2FA enabled. In addition, 2FA does not protect the device backups stored in iCloud, from which attackers can extract all the information that was previously archived from the device.

Fig. Slide from a presentation by Elcomsoft specialists at the Hack In The Box conference. 2FA does not protect access to some important cloud data.

One of the forensic experts who examined the metadata of the stolen photos of Kate Upton said that the attackers could have gained access to the device backups stored in iCloud and then extracted the pictures from them. A special tool that allows such an operation could have been used for this purpose.

If you are a hacker, you can get access to your photos. But if you’re not interested

Source: https://habr.com/ru/post/235539/

