Attacks in virtual world

Attacks in virtual world don’t remain unpunished in the real world

You’ve heard about the Jennifer Lawrence’s nude photos published all over the Internet in 2013-2015. Allegedly, some guy hacked into his victims’ iCloud account using a phishing scheme and copied all the compromising photos.

Now we know who this guy is: George Garofano, 26, one of the hackers of the online accounts of Hollywood stars. On Wednesday was sentenced to eight months in jail and three years of supervised release for phishing credentials out of celebrities and non-celebrities alike, then breaking into about 240 iCloud accounts to steal personal images that he spread far and wide on the Internet.

At the time of his guilty plea, Garofano admitted to sending emails to the victims under the guise of being a member of Apple’s online security personnel in order to obtain their usernames and passwords.

However, it seems that nobody learned anything from this event, called later “Celebgate”. Even if hackers ended up in jail and naked celebrities ended on Reddit, “Celebgate 2.0” hit in May 2017. Intimate photos of Emma Watson and Amanda Seyfried were stolen and published.

A few months later, “Celebgate 3.0” swept up personal images of Miley Cyrus, Kristen Stewart, Tiger Wood and others.

Edward Majerczyk, convicted and jailed, hit up his victims with a phishing scam in which he sent messages doctored to look like security notices from ISPs.

The phishing messages led victims to a website that harvested their usernames and the passwords for their Google or iCloud accounts. With the credentials in hand, Majerczyk logged into victims’ accounts and grab personal photos and videos.

What to do to prevent someone breaking into your accounts

We recommend that you enable two-factor authentication, also known as two-step verification, for any account that supports it.


Security & Privacy

University Papers Still for Sale in 2019?
The Issue of selling Univiersity Papers continues to Rumble on
26 January 2019

Identity Protection

Most websites leak the presence of user accounts
How this puts users at risk and how to fix it
01 November 2018

Tips & Advice

Don’t Get Locked Out of Your User Accounts
Some account security and recovery best practices
22 October 2018