Apple Reportedly Aware of iCloud Flaw Six Months Before Hacking of Celebrity Accounts

by

icloud_icon_blue Apple knew about an iCloud security flaw six months before it was utilized to hack celebrity accounts on the service, reports The Daily Dot. The company was notified of the exploit by independent security researcher Ibrahim Balic, who shared emails between himself and members of Apple's product security team.

In an email from March 2014, Balic told Apple that he was able to bypass the security of any iCloud account by using a "brute-force" hacking method that was able to try over 20,000 password combinations. Balic recommended to Apple that it should implement a feature in iCloud that prevents log-ins after a set number of failed attempts, and even reported the exploit through Apple's Bug Reporter. Balic was also the developer said to be behind the extended outage of Apple's Dev Center last year.

In May 2014, Apple emailed Balic and questioned the validity of the exploit, stating that it "would take an extraordinarily long time" to find a valid authentication token to get into an iCloud account using the flaw. Balic states that Apple continued to ask him about the exploit and how it would be utilized.

On September 1, 2014, hackers breached the iCloud accounts of many well-known actresses, downloading and leaking private photos and videos. While it was not initially known what caused the breach, The Next Web linked to a Python script on Github that may have been used for the hacking. The script utilized a brute-force like method which allowed hackers to keep guessing passwords without being locked out.

Apple acknowledged later in the day that it was investigating the breach, ultimately leading to comments from CEO Tim Cook along with new security implementations. Those implementations included automatic emails when iCloud accounts are accessed via web browsers, automatic two-factor authentication for iCloud.com, and mandatory app-specific passwords for third-party apps accessing iCloud.

Top Rated Comments

Jimrod Avatar
Jimrod
125 months ago
It's all going rather brilliantly at the moment isn't it.
Score: 81 Votes (Like | Disagree)
Xultar Avatar
Xultar
125 months ago
I'm waiting or the not Apple's fault crowd.

I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.

Making excuses for mistakes & sloppy work will not help Apple.
Score: 32 Votes (Like | Disagree)
maflynn Avatar
maflynn
125 months ago
Wow, more good news for apple. They're really hitting their stride with bad press lately.

Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
Score: 31 Votes (Like | Disagree)
sshambles Avatar
sshambles
125 months ago
Geeze, when it rains (bad news) it pours.
Score: 26 Votes (Like | Disagree)
Keniutek Avatar
Keniutek
125 months ago
LOL, apple realy is on a roll lately. Leaked pics, great keyonte stream, bend gate, ios8 and 8.0.1.
Bravo, well deserver Thanksgiving break ;).
Score: 19 Votes (Like | Disagree)
jamesrick80 Avatar
jamesrick80
125 months ago
Surely wouldn't trust them with Apple pay now, imagine your credit card information stolen. :rolleyes:
Score: 19 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 18 Apple Music Messages and Notes Feature 1

iOS 18 Rumored to Add New Features to These 16 Apps on Your iPhone

Tuesday April 30, 2024 10:44 am PDT by
Apple is expected to announce iOS 18 during its WWDC keynote on June 10, and new features have already been rumored for many apps, including Apple Music, Apple Maps, Calculator, Messages, Notes, Safari, and others. Below, we recap iOS 18 rumors on a per-app basis, based on reports from MacRumors, Bloomberg's Mark Gurman, and others: Apple Maps: At least two new Apple Maps features are...
Read Full Article74 comments
apple watch ipad demo 1

Check Out This Apple Watch iPad Demo Unit From 2014

Wednesday May 1, 2024 1:46 pm PDT by
With the 10th anniversary of the Apple Watch approaching, we thought it would be fun to take a look back at an interesting bit of Apple Watch history. After the Apple Watch was announced in 2014, and before it became available in 2015, Apple sent out custom Apple Watch iPad demo kiosks to retail stores. The Apple Watch and iPad units used for these devices were specially designed, had custom ...
Read Full Article42 comments
maxresdefault

Will the New iPad Pro Really Have the M4 Chip?

Wednesday May 1, 2024 8:30 am PDT by
While Apple's upcoming iPad Pro models have been expected to feature the M3 chip for over a year, recent reports have unexpectedly suggested that the new devices will instead feature the as-yet-unannounced M4 chip. Subscribe to the MacRumors YouTube channel for more videos. Last week, Bloomberg's Mark Gurman said that he now believes there is a "strong possibility" that the upcoming iPad Pro ...
Read Full Article356 comments
Apple CarPlay Dash

Report Examines GM's Controversial Move to Abandon Apple CarPlay

Wednesday May 1, 2024 4:53 am PDT by
An in-depth Bloomberg report today resurfaced General Motors' decision to replace Apple CarPlay with its own software. Last year, GM announced that it planned to forgo Apple CarPlay in its new electric vehicles, starting with the 2024 Chevrolet Blazer EV. Instead, the automaker introduced a proprietary infotainment platform, aiming to control and customize the digital experience within its...
Read Full Article441 comments
Apple Watch Ultra 2 hero feature blorange

Kuo: Apple Watch Ultra to Get 'Almost No' Hardware Upgrades This Year

Wednesday May 1, 2024 6:53 am PDT by
Just over six months ago, Apple supply chain analyst Ming-Chi Kuo said the likelihood of a new Apple Watch Ultra being released in 2024 was "decreasing," but it now sounds like there will be an Apple Watch Ultra 3 this year after all. In a direct message shared with MacRumors today, Kuo said that while the Apple Watch Ultra will be updated this year, the new model will have "almost no"...
Read Full Article109 comments