Apple patches Find My iPhone vulnerability
iPhone maker responds to reports that celebrity accounts were hacked
Apple has patched the security flaw that allowed a number of celebrities' private pictures to be leaked online.
The code vulnerability allowed hackers to shoot password attempts at the Find my iPhone application repeatedly until they were able to get the right one, without being locked out.
The criminals had to use the victims' usernames or registered emails, but these are widely available on the internet so wouldn't have been much of a challenge for hackers.
925Mac said: "It's worth noting that the vulnerability did not allow access to iCloud passwords, it only permitted repeated guesses or an automated dictionary attack. In order for it to succeed, relatively weak passwords would need to have been used on the accounts accessed."
According to reports, the accounts of Jennifer Lawrence, Ariana Grande, Victoria Justice, Kate Upton, Kim Kardashian, Rihanna, Kirsten Dunst and Selena Gomez were all hacked, although not all the individuals involved have confirmed their accounts were compromised, or the pictures leaked online were genuine.
The pictures were posted on bulletin-board 4chan where the owners demanded Bitcoins for its users to view the pictures. The posters said they had managed to access up to 100 female actresses and singers, but all the posts have now been removed by the site.
Just a couple of days ago, a proof-of-concept for this brute-force hack was leaked on code-hosting site GitHub, giving instructions on how to carry it out.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Although no one has officially linked the two incidents together, it's thought the hackers may have used the same method to get access to the private pictures.
The news comes just a week before Apple is due to announce its iPhone 6 smartphone on 9 September.
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.