iCloud photos, mostly private and included intimate images, were forcibly collected by someone who pretended to be an Apple customer support, tricking 306 victims.

Apple Customer Support Impersonator Collects 600K Private iCloud Photos by Scamming Victims Since 2018
(Photo : by Justin Sullivan/Getty Images)
SAN FRANCISCO, CA - JUNE 06: Attendees walk by a sign for the new iCloud during the 2011 Apple World Wide Developers Conference at the Moscone Center on June 6, 2011 in San Francisco, California. Apple CEO Steve Jobs returned from sick leave to introduce Apple's new iCloud storage system and the next versions of Apple's iOS and Mac OSX.

The Los Angeles-based criminal, Hao Kuo Chi, pled guilty to the felony charges that he is facing after stealing private photos from hundreds of people, as per The Los Angeles Times.

Apple's iCloud has been the center of attention lately as the Cupertino giant announced that it will be releasing child sexual abuse material or CSAM detection tool as part of its protection policies.

On Aug. 21, the iCloud CSAM tool already caught a San Francisco doctor for storing child abusive images on his iCloud.

iCloud Photos Scam

However, to be clear, the stolen iCloud photos by the scammer are not a breach of the security of Apple, nor was the CSAM tool involved. Instead, the bad actor used both phishing schemes and social engineering, according to MacRumors.

To be precise, Chi successfully stole more than 620,000 private photos and even videos by repeatedly emailing various victims asking for both their iCloud passwords and Apple IDs.

The FBI saw about 500,000 emails inside the emails that the scammer used, that goes by the address "applebackupicloud" and "backupagenticloud." What's more, there were about 5,000 iCloud IDs and passwords inside the two Gmail accounts.

It is to note that the victims were from the United States, and the majority are young women.

On top of the email that the scammer was sending, Chi was also working with other criminal minds to attempt to hack iCloud accounts. He uses his email accounts pretending to be Apple support to trick victims who are seeking for legitimate help from the company's support.

As such, the victims will then provide their iCloud credentials to the fake Apple agent.

Read Also: iCloud vs. Google Photos: Apple Now Allows Transferring Images to Third-Party Cloud Based App

iCloud Scammer Pleads Guilty

The iCloud scheme that Chi ran started to unravel in March 2018 after one of its victims turned out to be a public figure, whose nude photos were later uploaded on pornographic websites.

The victim sought the help of the FBI after learning that the sensitive photos have been available on such platforms. Upon investigation, the authorities traced the login made on the iCloud account of the victim to the house of Chi.

Now, the iCloud scammer has already pleaded guilty to three counts of gaining access to a protected computer without authorization and one count of conspiracy.

Chi is facing jail time of up to five years for each crime that he committed. So, in total, he will be locked up for 20 years.

The bad actor further told The LA Times in the same report that he is already "remorseful" for his actions, adding that he did it to support his family.

Related Article: Apple is Working on a Technology that Allows the Devices to Scan Photos for Signs of Abuse

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.