Home Tags Jennifer Lawrence

Tag: Jennifer Lawrence

‘Celebgate’ nudes thief gets just nine months of porridge

I was addicted to porno, says chap who nicked compromising photos of 300 people An American bloke has been jailed for breaking into the online accounts of 30 or so celebrities (and 270 other people) and swiping their most intimate snaps and secrets. Edward Majerczyk, 29, of Orland Park, Illinois, sent out hundreds of messages masquerading as legit emails from Apple and Google technical support.

These fake alerts convinced victims to type their usernames and passwords into a website controlled by the miscreant, allowing him to ransack their iCloud and Gmail accounts. Majerczyk, the son of two retired Chicago cops, was eventually collared by FBI agents probing "Celebgate" – the moment in 2014 when private nude photos of Kate Upton, Jennifer Lawrence, Ariana Grande and other stars were splashed on 4Chan and Reddit.

The pictures and videos were stolen from the victims' cloud accounts. During questioning, Majerczyk told the Feds he just wanted to "see things through other people's eyes." In a deal with prosecutors last July, he pleaded guilty to one count of unauthorized access to a protected computer to obtain information. “[Majerczyk] not only hacked into email accounts – he hacked into his victims’ private lives, causing embarrassment and lasting harm,” said the FBI's Deirdre Fike. “As most of us use devices containing private information, cases like this remind us to protect our data. Members of society whose information is in demand can be even more vulnerable, and directly targeted.” In addition to his sentence, handed down on Tuesday this week, Majerczyk was ordered to pay $5,700 to foot one celebrity victim's therapy bills.

The FBI also confiscated the hacker's Gateway computer, another desktop system, his iPhone, and various items of storage media. "At the time of the offense, Mr Majerczyk was suffering from depression and looked at pornography websites and internet chat rooms in an attempt to fill some of the voids and disappointments he was feeling in his life," his lawyer, Thomas Needham, told the court [PDF]. "After accessing the personal information and photographs for his personal viewing, he learned that others were distributing these private images on the internet. Mr Majerczyk did not realize the extent of this crime and was deeply affected by it. He immediately began seeing a therapist." According to his lawyer, there is no evidence that Majerczyk leaked any of the purloined pictures online. US prosectors did not charge him with the distribution of the images. Meanwhile in October last year, Ryan Collins, 36, of Pennsylvania, was jailed for 18 months for stealing similar snaps from people's accounts. Neither he nor Majerczyk have been directly accused of spreading the swiped selfies – a devastating leak that became known as The Fappening. Majerczyk's lawyer said his client was wracked with guilt and had had panic attacks since raiding his victims' private files.
Since it's said that he didn't upload the pictures to message boards, was a first-time offender, and pleaded guilty early, he received a relatively light sentence.
Still, the judge wasn't happy. "The conduct is abhorrent," said US district judge Charles Kocoras during this week's sentencing hearing in Illinois. "It's a very, very trying time that we live in." ® Sponsored: Continuous lifecycle London 2017 event.

DevOps, continuous delivery and containerisation. Register now

‘Fappening’ hacker gets 18 months in US federal clapper

One of two CelebGate hackers goes down, but uploader remains at large The 36 year-old hacker behind some of a massive public leak of private celebrity photos has been sentenced to 18 months prison. 36 year-old Ryan Collins, of Pennsylvania, was one of two suspects in the September 2014 leaks known online as the Fappening or CelebGate. Celebrities impacted include Jennifer Lawrence, Kate Upton, Rihanna, and Avril Lavigne. He was arrested in March and charged with hacking 50 iCloud and 72 Gmail accounts owned by Hollywood stars. A second man, Edward Majerczyk, 28, of Illinois, was collared in July and charged with hacking 300 iCloud and Gmail accounts of which 30 belonged to Silver Screeners. Together they hacked some 600 victims. Both have pled guilty to the charges involving sophisticated phishing attacks that saw the pair send mails purporting to come from Apple and Google.

Those efforts, which took place between November 2012 and September 2014, harvested account logins for entertainers and other prominent persons. Collins received a lighter penalty than the five years prison initially on the table for the guilty plea. The uploader or 'leaker' of the stolen images has not been found. ®

36-year-old Pennsylvania man gets 18 months for phishing nude celebrity pics

Wikimedia Commons user Tabercilreader comments 10 Share this story A 36-year-old Ryan Collins from Pennsylvania was sentenced to 18 months in prison after pleading guilty to hacking the Apple and Google accounts of more than 100 celebrities, including Jennifer Lawrence, Aubrey Plaza, Rihanna, and Avril Lavigne.

Collins stole personal information, including nude photos, from the celebrities. The photos were famously posted on 4chan and reddit in 2014.

Collins pleaded guilty to hacking the celebrities’ accounts in May, but he did not plead guilty to posting the images on the Internet. “Investigators have not uncovered any evidence linking Collins to the actual leaks or that Collins shared or uploaded the information he obtained,” the Department of Justice (DOJ) noted. According to The Guardian, Collins ran a phishing scheme from November 2012 to September 2014, sending celebrities e-mails that appeared to be from Apple and Google, requesting their user names and passwords. In a press statement, the DOJ wrote that Collins would illegally access respondents’ accounts and search for nude photos and videos. “In some instances, Collins would use a software program to download the entire contents of the victims' Apple iCloud backups,” the DOJ wrote. “In addition, Collins ran a modeling scam in which he tricked his victims into sending him nude photographs.” Collins apparently accessed at least 50 iCloud accounts and 72 Gmail accounts and stole information from more than 600 victims, not all of whom were celebrities. From the beginning, Apple maintained that the hacks weren’t the result of an iCloud vulnerability, but the fruit of a “very targeted attack on user names, passwords and security questions.” In the aftermath of the hack, some celebrities threatened Google with a $100 million lawsuit for failing to "act expeditiously and responsibly to remove the Images."

Second celebgate hacker pleads guilty to phishing

Phisherman's friend A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was charged with hacking into the Apple iCloud and Gmail accounts of more than 300 people, including Hollywood celbrities.
In a plea bargaining deal, Majerczyk agreed to plead guilty to one count of unauthorised access to a protected computer (i.e. computer hacking) contrary to the US Computer Fraud and Abuse Act. In return for copping a plea, Majerczyk, can expect a lighter sentence that he might otherwise have received if he’d been found guilty at trial. Nonetheless Majerczyk still faces a maximum sentence of up to five years in federal prison. “Hacking of online accounts to steal personal information is not merely an intrusion of an individual’s privacy but is a serious violation of federal law,” said United States Attorney Eileen M Decker. “Defendant’s conduct was a profound intrusion into the privacy of his victims and created vulnerabilities at multiple online service providers.” Majerczyk admitted to running a phishing scheme to obtain usernames and passwords for his victims between November 2013 and August 2014.

These phishing emails posed as a message from the security team of the intended mark’s service provider. Prospective marks were directed towards handing over their login credentials at a bogus site controlled by Majerczyk. Compromised credentials were used to harvest personal information including sensitive and private photographs and videos, according to a DoJ statement of his plea bargaining agreement. The charge against Majerczyk stems from the investigation into the leaks of photographs of numerous female celebrities in September 2014 known as “Celebgate”. Nudes pictures of more than 100 celebrities, including Oscar-winning actress Jennifer Lawrence, were leaked during through notorious image board 4Chan back in September 2014.

At the time, an iCloud security breach was blamed but now we know that phishing was also in play. Investigators failed to uncover any evidence linking Majerczyk to the actual leaks.

FBI investigators who investigated the case reckon Majerczyk accessed at least 300 accounts, and at least 30 accounts belonging to celebrities. Majerczyk is at least the second hacker to be prosecuted over Celebgate. Ryan Collins, from Lancaster in Pennsylvania, previously admitted he had illegally accessed and downloaded images from 50 iCloud accounts and 72 Gmail accounts. ®

Like Jennifer Lawrence’s naked photo leak, the Snappening is another example...

'The Snappening' - the vast leak of Snapchat pictures, including thousands of nude images - and the infamous leak of photos from Apple's iCloud, including much-swapped private photos of Jennifer Lawrence and other celebrities, demonstrate that interne...

Google could face $100m lawsuit over nude celebrity pictures

Lawyers of celebrities whose private pictures were published by hackers are threatening to sue Google for $100m for failing to remove the images from its search results and sites. Los Angeles-based law firm Lavely & Singer, which represents more than a dozen of the women affected, said Google should be held accountable. The law firm accuses Google of “making millions from the victimisation of women” after stolen private images of Jennifer Lawrence and other celebrities were widely distributed online in September 2014. At the time, Lawrence confirmed the pictures were genuine and threatened to prosecute anyone who posted the stolen photos online. In a letter to Google, lawyer Marty Singer claimed the company had failed “to act expeditiously and responsibly to remove the images”, the New York Post reported. The letter accused Google of profiting from the images by “knowingly accommodating, facilitating and perpetuating” publication of the images on its sites, including YouTube and Blogspot. Singer said the images are still on these sites, despite letters to Google sent shortly after the leak to demand they be removed under the US Digital Millennium Copyright Act (DMCA). “Because the victims are celebrities with valuable publicity rights you do nothing – nothing but collect millions of dollars in advertising revenue as you seek to capitalise on this scandal rather than quash it,” the lawyer said in his most recent letter to the internet firm. Singer claimed he had written to various website operators and internet service providers to demand the images be taken down, and most complied within hours. Google, by contrast, had “recklessly allowed these blatant violations to continue" without regard to the rights of his clients, the lawyer said. But Google claims it has removed tens of thousands of pictures within hours of the requests being made and closed hundreds of accounts. “The internet is used for many good things. Stealing people’s private photos is not one of them,” a Google spokesperson said in a statement to The Guardian. If Singer carries out his threat to go to court, it will not be the first time Google has faced legal action over inadvertently facilitating the spread of nude photos, the paper said. In March 2014, Texan Hollie Toups sued Yahoo and Google for failing to remove links to pictures of herself hosted on a revenge porn site. Like Singer, Toups claimed she had sent Google proper notice, requesting links to the pictures be taken down, but the company refused to do so. News of the potential lawsuit against Google coincides with the leak of another set of photographs of minor celebrities in compromising positions. Photographs of actresses AnnaLynne McCord, Nina Dobrev and Joanna Krupa, as well as model Erin Cummins and Nick Hogan – son of wrestler Hulk Hogan – were leaked this week, Mashable reported. Cloud-based services vulnerable to cyber attacks Information security professionals believe the celebrity photo leaks will help raise awareness of the vulnerability of cloud-based services to cyber attacks. “Cloud services are great if they are used appropriately, but most companies have not worked out what this means,” said Kenneth Yearwood, UK sales director for Guidance Software. “Sensitive data is better kept in-house, but for run-of-the-mill data, the cloud provides a convenient and cost-effective option for storage,” he told Computer Weekly. According to Yearwood, many companies have failed to separate their data into sensitive and non-sensitive categories. “But by doing that and ensuring no sensitive data is in the cloud, companies can eliminate a huge amount of risk,” he said. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK

Apple updates privacy policy and Tim Cook denies NSA collaboration

Apple has used the iPhone 6 launch to update its privacy policy with an open letter from CEO Tim Cook designed to assure iPhone, iPad and future iWatch users that their personal data will be kept safe and above all private. The statement comes followi...

Apple pushes security and privacy credentials after iCloud hack

Apple has expanded its use of two-factor authentication to its iCloud backup service two weeks after celebrity iCloud accounts were compromised and private photos leaked online. Although the company said iCloud security was not breached, within days of the leaks Apple announced it would take additional steps to keep hackers out of users' accounts. Private photographs of celebrities such as Jennifer Lawrence (pictured) were obtained in a “carefully targeted attack on user names, passwords and security questions”, Apple said in a statement. Security commentators called for Apple to expand its two-factor authentication facility to cover all services, to prevent hackers from using stolen credentials or automated tools to access accounts. Apple’s two-factor authentication system requires a one-time passcode or long access key, in addition to username and password to access an account. The system will protect users against attacks using automated tools. One such – Elcomsoft’s Phone Password Breaker – has been named as the likely method used to leak the celebrity photos, reported the BBC. Despite calls for Apple to make two-factor authentication mandatory or at least enable it as the default, the extra security facility remains optional, requiring users to turn it on. However, Apple has also introduced alerts that are sent to users as soon as an iCloud back-up starts downloading, even if two-factor authentication is not turned on. After the photo leaks, Apple chief executive Tim Cook told the Wall Street Journal the company planned to “aggressively encourage” people to use two-factor authentication and stronger passwords. In an interview with the paper, Cook acknowledged that Apple could have done more to prevent the attack on female celebrities' accounts. "When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," he told the publication. "I think we have a responsibility to ratchet that up. That's not really an engineering thing." NSA spying scandal At the same time as introducing extra technical security measures, Apple has published a 43-page white paper and added a section to its website explaining how the company approaches security and privacy. The move appears to form part of Apple’s efforts to distance itself from the NSA spying scandals, revealed by whistleblower Edward Snowden, which have been linked to several top US technology firms. Reports based on documents leaked by Snowden allege that NSA had "backdoor" access to the servers of nine major technology companies. Market commentators believe the move is calculated to assure users as Apple launches its payment business and iOS8 operating system, which allows users to store data about their health. Apple users' data The white paper emphasises that Apple’s business model is based on selling products to users, rather than building up a detailed picture of their preferences to sell to advertisers, reports The Telegraph. According to an open letter by Tim Cook, Apple protects users’ privacy with strong encryption, plus strict policies that govern how all data is handled. “Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay,” Cook wrote. According to Cook, Apple believes in telling users exactly what is going to happen to personal information, asking for users’ permission and allowing users to change their minds. “Every Apple product is designed around those principles. When we do ask to use your data, it’s to provide you with a better user experience,” he said. Cook concludes by re-iterating that Apple has never allowed government agencies routine access to its servers via a back door, and “never will”. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK

Nude celebrity hack forces changes at Apple and 4Chan

In a classic case of reactive security, Apple and image sharing site 4Chan have taken additional measures after celebrity iCloud accounts were compromised and private photos leaked online. Although Apple claims iCloud security was not breached, the company has announced it is taking additional steps to keep hackers out of users' accounts. After days of speculation about the cause of the leak on 4Chan of private photographs of celebrities including Jennifer Lawrence (pictured), Apple blamed stolen credentials for the breach of privacy. Apple said the celebrities’ iCloud accounts were individually targeted and that none of the cases it investigated had resulted from a failing of its own systems. In an attempt to restore confidence in its security systems, Apple has announced that it will alert users through email and push notifications when someone tries to make account changes. Alerts will be sent when someone tries to change a password or restore deleted information on the data storage system. Two-factor authentication Apple also plans to broaden its use of the two-factor authentication security system, which requires a one-time passcode or long access key in addition to username and password to access an account. In the wake of the iCloud compromise, security experts have criticised Apple for not making two-factor authentication mandatory. Apple now plans to encourage users more “aggressively” to turn on two-factor authentication in the new version of its iOS mobile operating system, reports The Wall Street Journal. iOS8 is due later in September and will cover access to iCloud accounts. In an interview with the paper, Apple chief executive Tim Cook acknowledged that Apple could have done more to prevent the attack on female celebrities' accounts. "When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," he told the publication. "I think we have a responsibility to ratchet that up. That's not really an engineering thing." Copyright enforcement 4Chan has also been spurred into action, announcing that it will finally enact a Digital Millennium Copyright Act (DMCA) policy to let content owners get illegally shared material removed. Previously the image-sharing site has largely avoided having to actively police content, although it has taken steps to find and remove content involving the sexual abuse of children, according to the BBC. In addition to taking down illegally shared content, 4Chan said it will notify the person who posted infringing material that the content has been removed in response to a DMCA request. 4Chan users who repeatedly post illegally obtained content will be blocked from the site, but it is not clear what effect the policy change will have on users who post content anonymously. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK

Apple Reportedly Will Step Up Security Email, Push Notices

CEO Tim Cook explains how Apple's security notifications will get more specific following the latest celebrity hack attack. As a result of the Labor Day weekend hacker attack on a number of celebrity iCloud accounts, Apple said Sept. 4 that it will begin enhanced security alerts for iCloud users as soon as possible. Apple CEO Tim Cook told The Wall Street Journal that due to the security breach, the company now will alert users through both email and push notices if an outsider tries to change a password, move iCloud data to a new device or if a bot or another device tries to log into an account. Several days ago an as-yet-unidentified hacker broke into the stars' iCloud storage accounts--the list of which includes actresses Jennifer Lawrence and Kirsten Dunst and model Kate Upton. The hacker then stole nude and seminude images of the women and then published the photos to a Website called 4Chan.org. It has been called the biggest celebrity hacking scandal to date. It was important enough for the FBI to assemble a team to investigate the case. Currently, iCloud users receive emails if someone tries to change a password or attempts to log in for the first time from a new device. However, notifications for restoring iCloud data to a new device are new, Cook told The Journal. Cook also said Apple will increase its use of two-factor authentication, which requires users to present two of three pieces of personal-knowledge information before being able to log in or add a new device. Apple took a day and a half to respond that it believes the photos were leaked due to targeted attacks on specific accounts and not because of a direct breach of Apple's storage or mobile security. Whatever process enabled the breach, this type of problem can happen against any type of cloud storage service. Apple just happened to be the victim in a highly visible attack. "We have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet," the company said in a statement. "None of the cases we have investigated has resulted from any breach in any of Apple's systems, including iCloud or FindMyiPhone." When the new feature is turned on, Apple will require users to complete two authentication steps to sign into an iTunes account from a new device. It will be a bit slower and more tedious for users, but that's the tradeoff for another level of security.The new feature will be included in the next version of Apple's iOS mobile-operating system, OS 7, due out later this month. It will enable tighter access to iCloud accounts from a mobile device.Most mobile-device users are not accustomed to using two-factor authentication for anything, thus Apple said it plans to be more proactive in asking its customers to turn it on as they buy into the next version of the OS. If the celebrities had used two-factor authentication, hackers wouldn't have been able to guess the correct answer to security questions, Apple said.

Celeb nude photos now being used as bait by Internet criminals

Tweets with fake links to #JLaw photos revive oldest trick in Web malware book.