While Apple Inc. (NASDAQ:AAPL) continues to insist that its iCloud service was not breached, but rather simply hosting information and photos that were not adequately protected by its users, it’s clear how this information can be collected and the answer lies in Russia. Anon-IB blew up recently with a host of nude celebrity photos but that is not all that the site has to offer. It offers a number of ways to cleanly rip the information off a users iCloud once their user name and password have been learned.
Moscow-based Elcomsoft
The software that people are using are the handiwork of the Moscow-based company Elcomsoft. Elcomsoft produces these tools for law enforcement and other agencies and the program that is likely responsible for the “rippping” of data is Phone Password Breaker, or EPPB, gained by adding the company’s name before the software title.
Elcomsoft CEO Vladimir Katalov maintained by email yesterday that there are legitimate uses for his company’s software and that it’s not specifically targeting Apple.
Katalov also made it clear that he doesn’t restrict who buys his company’s Phone Password Breaker to and has no intention to do so.
And frankly, limiting sales might not make a difference as all it takes is for one person to purchase and distribute it either as is or “cracked.”
Once someone’s Apple ID and password have been obtained through other means, EPPB is then employed to suck text messages, attachments, call logs, address books, calendars, email account settings, photos and other information quite quickly.
iCloud Ripping Software: They already have access without EPPB
And if this information is already known, all the aforementioned information could be gleaned albeit considerably less rapidly as EPPB does.
The site Anon-IB has a number of people offering to “rip” iCloud accounts immediately either for free or for a small fee.
One posting on Anon-IB read: “Ripping right now! Send email with Apple ID and Password and I will have it ripping ASAP. Will keep everything private!” I wouldn’t count on that privacy disclaimer.
In order, to keep your information safe, Apple is advising all customers to begin using two-factor authentication to better protect themselves.
