The ring referred to nude photos and videos found in the stolen accounts as "wins," which they shared with one another.įBI Agent Anthony Bossone told the court that Chi's Dropbox account contained roughly 620,000 photos and 9,000 videos, organized in part by the presence or lack of "wins" within them. If the victim fell for Chi's spearphishing attempt, Chi would then use the victim's own iCloud credentials to log in to the service and save their photos and videos to Dropbox-followed by providing the Dropbox link to his customers and/or conspirators.Īccording to court documents, Chi organized and saved the stolen media for his own and unnamed conspirators' personal use, as well as providing them to icloudripper4you "customers." The phishing ring used an offshore-hosted encrypted email service to communicate anonymously-"I don't even know who was involved," Chi told the LA Times.
His "customers" would identify an iCloud account for attack, after which Chi would use his sketchily named Gmail accounts to contact the victim, impersonating an Apple service representative.
Chi marketed his iCloud break-in "services" under the nom de guerre icloudripper4you. This number may be considerably smaller than the true total, since the FBI found that about 4,700 out of 500,000 emails in two of Chi's Gmail accounts- backupagenticloud and applebackupicloud at Gmail-contained iCloud credentials that Chi tricked his victims into providing.Īccording to Chi, he selected roughly 200 of these victims based on online requests.
"At least 306" victimsĬhi's plea agreement with federal prosecutors in Tampa, Florida, acknowledged "at least 306" victims. The LA Times reported this week that Los Angeles man Hao Kuo "David" Chi pled guilty to four federal felonies related to his efforts to steal and share online nude images of young women. Chi collected more than 620,000 private photos and 9,000 videos from an undetermined number of victims across the US, most of whom were young and female.
0 kommentar(er)
