Private Nude Photos Stolen in Horrifying iCloud Scam

A California man has plead guilty to a scam that involved stealing and distributing private photos of young women.

The person in question, 40-year old Hao Kuo Chi of La Puente, impersonated Apple’s customer support team in order to steal iCloud passwords. He collected over 620,000 private photos and videos from his social engineering campaign. Marketing himself as a hacker-for-hire, he intended to gain unauthorized access to people’s Apple IDs and passwords in order to steal photos from the cloud on Apple servers.

Chi used multiple G-mail addresses that appeared legitimate in order to get victims to disclose their iCloud credentials. From both accounts, he managed to send out around 500,000 emails that had 4,700 responses containing victim iCloud usernames and passwords. Chi broke into particular accounts at the request of clients who hired his services. The FBI concluded that Chi’s Dropbox account organized photos and videos based on whether they contained nude images or not.

Chi faces up to five years in prison per charge, which includes one count of conspiracy and three counts of gaining unauthorized access to a protected computer.

It’s so important in today’s day and age to be knowledgeable on phishing emails and other tactics that attackers will use to gain access to your personal information. Cybercrime is more lucrative now that many people are working from home, or have a hybrid work environment. It’s easier for more sophisticated attacks to slip under the radar for the average person.

Threat actors are always on the lookout to steal your data. You can do a few things to lower your risk, like participating in ongoing cybersecurity training, or making sure you carefully screen all emails before you click an attachment or send a reply. In the event that you do fall victim to this type of scam, make sure to file a report with the proper authorities and change any passwords that are associated with the compromised account.