Oregon Man Cops to Phishing for Naked Pics of Celebs
Entertainment // Web Services // California, United States
Andrew Helton, 29, admits that he represented himself as an Apple and Google employee in fraudulent emails sent to Apple and Gmail account-holders to trick hundreds of people into divulging their account passwords.
Helton used the stolen credentials to retrieve data from online accounts, including 161 sexually explicit, nude, or partially nude images of 13 people, some who were unidentified celebrities.
The phishing e-mails asked victims to verify their accounts by clicking on links that led to what looked like authentic Apple or Google login pages. When targets complied, their passwords were transmitted to Helton, who used them to illegally access account data.
According to documents filed in federal court in Los Angeles, Helton gained illegal access to 363 Apple and Gmail accounts, including those belonging to members of the L.A. entertainment industry.
There's no indication that any of the images Helton stole were among the hoard of nude pictures of celebrities that were published on the Internet in 2014. A hacker who took responsibility for that incident said the images came from compromised iCloud accounts belonging to the victims. Apple later said the compromised accounts were the result of a targeted attack on user names, passwords, and security questions.