iCLoud Data Breach, Celebrity Photos Show Up

A few days ago a group calling themselves hackappcom posted a proof of concept script on the popular code repository called Github that would allow for a user to attempt to breach iCloud and access a user account. This script would query iCloud services via the “Find My iPhone” API to guess username and password combinations. The problem here was that apparently Apple AAPL -0.74% was not limiting the number of queries. This allowed for attackers to have numerous chances to guess password combinations without the fear of being locked out.
This script was an output from a talk that was given by Andrey Belenko and Alexey Troshichev called, “iCloud Keychain and iOS 7 Data Protection” at the Russian Defcon Group DCG#7812. Based on the note that they posted after the news of the breach started to circulate, they were rather upset that their script was being used to a malicious end.
"In  justification I can only mention,  that we only described the way  HOW to hack AppleID. Stealing private “hot” data is outside of our scope of interests. We discuss such methods of hacks in our’s narrow range, just to identify all the ways how privacy can by abused.
For everyone, who was involved in this incident, I want to remind, that today we are living in  Brave New Global World, when privacy protection wasn’t ever so weak, and you have to consider, that all you data from “smart” devices could be accessible from internet,which is the  place of  anarchy, and, as result, could be source of  undesirable and unfriendly activity."
The law of unintended consequences at its finest.
As a result, some ne’er do wells accessed the accounts of some Hollywood actors and leaked their personal pictures online. So, why were these pictures in iCloud? For those of you who may be unaware, iCloud is a service that is offered by Apple to backup data from a user’s iThinger of choice. This service could allow a person to backup their email, contacts, calendars, notes, passbook, keychain and photos to name a few. In the case of a large group of celebrities their data was breached when attackers gained access to their accounts. An unfortunate outcome to say the least.
I nervously checked the settings on my iPhone after news of this incident broke only to find that no, I was not using the service. No nude photos of me. Trust me, that’s a blessing.

While this incident has unfortunate ramifications for the victims it has been a great wake up call for others thanks to the huge amount of press coverage. This is an excellent opportunity for people to clean up their password practices and improve their personal security posture. So, how does one avoid this sort of problem? Well, there are few things that you can do to help to potentially avoid this type of end result. First off you can enable two factor authentication on your iCloud account. Once this is enabled a user would receive a four digit SMS message with a code to input in addition to their password. This way, if a password is compromised the attacker would still need an SMS code to gain access to the user account.
A second thing to keep in mind is the use of a strong password. Using one such as “password1” is simply inviting disaster. You’d be better served using a password such as “hGYcq6QE6agG8[N&j+a.” or better still, a pass phrase.
The last piece to take into account is making use of a password manager. This is a piece of software that can manage your passwords for you securely. There are excellent products out there that can do this for you such as 1Password from Agilebits, Keepass and Lastpass to name a few.

Photo Of Celebrities

1. Jennifer Lawrence


 2. Kate Upton


 3.  Victoria Justice


4. McKayla Maroney


5. Mary E. Winstead

 6. Becca Tobin


Bypass iCLoud iOs 9 This is Permanent Bypass 100%

Bypass iCLoud iOs 9 This is Permanent Bypass 100%

Bypass iCLoud iOs 9 This is Permanent Bypass 100%

NO, THIS IS NOT THE DNS BYPASS CRASH. 
THAT BYPASS ONLY ALLOWS YOU TO OPEN FACETIME APP AND IS BASICALLY USELESS.

iCloud Bypass for iPads (untested in iPhones/iPods)

YOU MAY NOT REDISTRIBUTE THIS METHOD BY ANY MEANS WHATSOEVER. YOU WILL FACE CONSEQUENCES IF LEAKED.
So you've gotten a hold of an iCloud locked iPad that's in lost and erased mode, with the slide to unlock style screen.
Steps to make it untethered are at the end.
Well, here we go!

VIDEO TUTORIAL: 

Bypass iCloud Method

1. Go through the actiavation steps normally until you reach the page asking for Apple ID and password
2. Click the home button
3. Tap "More WiFi Settings"
4. Press the "i" beside your WiFi network
5. At the bottom of the screen, tap "Manual"
6. Tap the server field
7. Tap the emoji icon
8. Spam the server field with an emoji for 2-3 minutes. You should have well over 100 emojis in there.
9. In the port field, put "8888"
10. Tap "Back" then "Done"
11. Tap "Activation Help"
12. Setup crashed, everything is working fine ;)
13. If you get to a screen that says "Try Again", tap it and wait. Within a few minutes, setup will crash.
Enable Internet Based Apps (Safari, iTunes Store, App Store)
1. Go to "Settings"
2. Tap "WiFi"
3. Tap the "i" beside your network
4. Copy the emojis in the server field and paste them into Notes app (for future use)
5. Go back to Settings app, WiFi, tap the "i"
4. Turn off HTTP Proxy
Having Trouble Downloading Apps?
1. Use the Untethered steps to reboot
2. Go to Settings, turn off HTTP Proxy (see Enable Internet Based Apps)
3. Scroll down in Settings app to iTunes & App Store
4. Sign in with your Apple ID
5. Go to the App Store and you should be able to download fine now
Untethered (Do this before rebooting)

1. Go to Settings
2. Go to WiFi
3. Tap the "i" beside your network
4. Go to the bottom, tap "Manual"
5. Paste the emjois you copied earlier (if you don't have them, spam field with emjois for 2-3 minutes until you have well over 100 emojis in there)
6. In the Port field, put "8888"
7. Reboot

IF DEVICE IS IN BOOT LOOP, PLUG INTO THE WALL (I USED OFFICIAL APPLE BRICK AND CABLE, IDK ABOUT 3RD PARTY) AND HARD REBOOT (HOLD POWER AND HOME) YOUR DEVICE. DO NOT PLUG INTO COMPUTER, IT WONT WORK.

I ALSO SUGGEST NOT TURNING OFF YOUR DEVICE, TO PREVENT ANY PROBLEMS FROM OCCURING.
NO, THIS IS NOT THE DNS BYPASS CRASH. THAT BYPASS ONLY ALLOWS YOU TO OPEN FACETIME APP AND IS BASICALLY USELESS.