samsung galaxy pirating korean stars
You may remember this story of intimate photos of celebrities being stolen and published on the Internet in an attempt to blackmail. The victims had all backed up (voluntarily or not) their photos on iCloud. And that's where the pictures were taken by the master singers. The latter were arrested and some were sentenced to prison. This was in 2014. And a small nickname was found: "Celebgate".
Six years later, history repeats itself. Korean magazine Dispatch revealed this week that a dozen local stars (singers, actors, directors, TV presenters, etc.) are currently blackmailed. Hackers had access to their personal data, including photos, videos and text messages. And they are pressuring their rightful owners to extort money.
Dispatch magazine explains that all of the victims own a smartphone from the brand ... Samsung. And more specifically, they all have a Galaxy S, that is to say a high-end model. It is not specified whether it is an old model or a new one. However, the fact that it is a Samsung is important information, since the stolen data was all kept on Samsung Cloud, the online storage service similar to iCloud.
Two-step authentication disabled by default
The Asian periodical explains how the data was obtained. The hackers managed to acquire victims' login and password pairs. Thanks to a Samsung smartphone, they connected to their victims' Samsung Cloud accounts to start a data restoration procedure, as if the legitimate owner cloned his old phone to activate a new one. So all the data has been installed. The video below, produced by Dispatch magazine, explains how it works.
The procedure is not only very simple, but cruelly safe. Since the Celebgate case and the media coverage of the theft of private photos of Hollywood stars from iCloud, the entire technology industry has adopted two-step authentication for online services. Apple, Google, Facebook, Twitter, PayPal have all adopted this device, which has become very common (even for making an online payment). However, Samsung, which has yet implemented two-step authentication, is not the default setting on its smartphones. And users do not check if it is activated.
