40-year-old Los Angeles resident Hao Kuo Chi has pleaded guilty to stealing more than 620,000 personal photos and 9,000 videos from other people’s iCloud accounts.
The Florida attorney’s office, which charged him with conspiracy and computer fraud, reports that Chi was known online as icloudripper4you and sold his “services” for hacking iCloud accounts. “Customers” pointed him to a specific iCloud account to be hacked, after which Chi and his unidentified accomplices posed as Apple support representatives in emails sent to the targets. After tricking the victims into giving up their iCloud credentials, the scammers stole photos and videos from their accounts.
The group was active from September 2014 to May 2018, during which time the attackers used the victims’ Apple IDs and passwords not only to complete hacking orders, but also to search these accounts for photos and videos of nude people. Chi and his associates shared the revealing photos and videos they found with each other through “a foreign end-to-end email encryption service to preserve anonymity.”
This month Chi pleaded guilty and confirmed that he had gained unauthorized access to at least 306 iCloud accounts (mostly belonging to young women) in Arizona, California, Connecticut, Florida, Kentucky, Louisiana, Maine, Massachusetts, Ohio, Pennsylvania, South Carolina and Texas.
According to the Los Angeles Times, FBI agents found more than 500,000 fraudulent emails in two Gmail accounts (backupagenticloud and applebackupicloud) used for this scheme, as well as credentials for approximately 4,700 iCloud accounts. Chi’s Dropbox account, which was used to store and share stolen files, held about 620,000 photos and 9,000 videos totaling over 1 TB.
Chi was caught quite simply. Back in 2018, an unnamed public figure from Tampa discovered nude photos of himself on porn sites. The photos were found by a California-based company that specializes in removing celebrity photos from the Internet. Since these photos were stored only on the iPhone (from where they were copied to iCloud), the victim turned to law enforcement agencies to find the source of the leak.
Law enforcement officers quickly figured out that Chi was logging into the victim’s iCloud directly from his home in La Puente, California. By the time the FBI received the warrant and searched his home, law enforcement officers had a clear understanding of Chi’s activities thanks to data provided by Dropbox, Google, Apple, Facebook and Charter Communications at the court’s request.