Nude photos hacked from private data that was stored in the cloud are now being dispersed on the internet and are a major part of the news cycle.
What you need to know that at least one of the essential tools that is being used to accomplish this hacking did not come from private criminals or from private consumers. No, the tools were developed in order to satisfy the desires of governments who want to be able to spy on their citizens. According to Wired,
On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.
As far as I can tell, governments can already go to a phone company and to Apple itself with a warrant and demand their cooperation in getting the data. If so, then this item is sold to governments so they don’t have to use the legal route. Perhaps there are some other cases where they have a legitimate warrant but need this tool.
Whether legitimate or not, we need to grapple with the fact that the state’s spying has provided the ability to bad actors. As far as we know, if governments were not in the market for spying technology there would be no one providing this software to the world.
Once again, by spying on us, the state has made us all vulnerable to having our data pirated.