Attacks in virtual world
Attacks in virtual world don’t remain unpunished in the real world
You’ve heard about the Jennifer Lawrence’s nude photos published all over the Internet in 2013-2015. Allegedly, some guy hacked into his victims’ iCloud account using a phishing scheme and copied all the compromising photos.
Now we know who this guy is: George Garofano, 26, one of the hackers of the online accounts of Hollywood stars. On Wednesday was sentenced to eight months in jail and three years of supervised release for phishing credentials out of celebrities and non-celebrities alike, then breaking into about 240 iCloud accounts to steal personal images that he spread far and wide on the Internet.
At the time of his guilty plea, Garofano admitted to sending emails to the victims under the guise of being a member of Apple’s online security personnel in order to obtain their usernames and passwords.
However, it seems that nobody learned anything from this event, called later “Celebgate”. Even if hackers ended up in jail and naked celebrities ended on Reddit, “Celebgate 2.0” hit in May 2017. Intimate photos of Emma Watson and Amanda Seyfried were stolen and published.
A few months later, “Celebgate 3.0” swept up personal images of Miley Cyrus, Kristen Stewart, Tiger Wood and others.
Edward Majerczyk, convicted and jailed, hit up his victims with a phishing scam in which he sent messages doctored to look like security notices from ISPs.
The phishing messages led victims to a website that harvested their usernames and the passwords for their Google or iCloud accounts. With the credentials in hand, Majerczyk logged into victims’ accounts and grab personal photos and videos.
What to do to prevent someone breaking into your accounts
We recommend that you enable two-factor authentication, also known as two-step verification, for any account that supports it.