The shockingly simple way the nude photos of 'Celebgate' were stolen
The Pennsylvania man expected to plead guilty to stealing private, nude photographs of celebrities used an email phishing scheme to access more than 100 personal accounts. After much speculation about how one of the biggest celebrity hacks in recent memory happened, it seems the answer is relatively simple.
The Pennsylvania man expected to plead guilty to stealing private, nude photographs of celebrities used an email phishing scheme to access more than 100 personal accounts. After much speculation about how one of the biggest celebrity hacks in recent memory happened, it seems the answer is relatively simple.
Ryan Collins, 36, of Lancaster, was charged with a computer-hacking felony Tuesday for his part in the theft of hundreds of nude photos of female celebrities in 2014, which were then posted online in what became known as "Celebgate."
Based on statements in the plea agreement and from prosecutors, it appears one major part of Celebgate is surprisingly simple: that many of the photos were stolen through a clever exploitation of a previously unknown iCloud security flaw - an assertion Apple had denied.
Collins allegedly used a method of gaining access to password-protected accounts that can victimize pretty much anyone. Phishing schemes come in many flavors, but all follow the same basic outline: Users are tricked into giving out sensitive information by malicious email accounts or websites that appear legitimate. "Spear phishing," which appears to be what happened here, involves targeting specific users by impersonating businesses or individuals they might already know.
According to court filings, Collins stole photos, videos, and sometimes entire iPhone backups from at least 50 iCloud accounts and 72 Gmail accounts, "mostly belonging to celebrities," between November 2012 and September 2014, when the photos were posted online. The U.S. Attorney's Office in the Central District of California has confirmed that Collins was charged as a result of a federal investigation into Celebgate, although court documents and statements pertaining to his plea deal do not name any of his famous victims.
Jennifer Lawrence, Kate Upton, Kirsten Dunst, Avril Lavigne, Lea Michele, McKayla Maroney, and Ariana Grande were among the celebrities whose photos were said to be in the Celebgate dump. Some, like Lawrence, Upton, and Dunst, confirmed the photos were genuine.
Collins allegedly gained access by setting up emails designed to look like official accounts associated with the Google or Apple services used by his celebrity targets.
It seems unlikely investigators believe Collins is the sole source of the photos in the Celebgate cache. He is, however, the first to be charged in connection with the FBI investigation. As part of a plea deal, prosecutors will recommend an 18-month prison sentence. The charge against him carries a maximum of five years in prison.