Jennifer Lawrence
Jennifer Lawrence's nude photos were hacked from her iCloud account(Reuters)

Cloud computing is becoming ubiquitous. Companies selling cloud storage espouse the benefits of having access to all of your data, all the time, no matter where you are.

Great.

Expect the same is true for the people trying to steal that data.

No longer does a criminal have to have physical access to your phone; they can remotely access all your information from anywhere in the world.

This was highlighted brutally to dozens of celebrities on Sunday when hundreds of explicit images were leaked online and rapidly shared across the internet.

The stolen images appear to be only a small section of the entire cache of images and videos of over 100 celebrities, if screenshots of the computers belonging to the criminals behind the leak are to be believed.

The illicit trove of images and videos of celebrities is the result of months of work by a gang of hackers who broke into the iCloud accounts of the stars before scraping all the information available. 

iCloud Rippers

While the leak of celebrity images has brought huge attention to the practice, it is unlikely to be welcomed by the dozens of so-called iCloud Rippers who are touting for business on the anonymous image board Anon IB - an off-shoot of 4 Chan - where the pictures of Jennifer Lawrence were first published last week.

Those images were posted by someone using the name 'OriginalGuy' who is part of a criminal gang that has been systematically stealing the information from high-profile figures for a number of months at least.

OriginalGuy clearly knew that by revealing the images he was going to bring a huge amount of focus on the practice, but as of Wednesday afternoon, there were still numerous people offering the service on the Anon IB /stol/ board, which is where "stolen" or "obtained" images are shared.

While the leaking of celebrity images is clearly going to gain the most attention, a more disturbing element of the story is that these iCloud Rippers are openly touting for business among ordinary people who are willing to share the details of iCloud accounts belonging to friends and family.

One of them, called iCloudRipper, says they are willing to rip anyone, including boyfriends, girlfriends, parents, siblings or classmates.

Anon IB iCloud rippers
An advert appearing on the Anon IB /stol/ board for free iCloud ripping.

As you can see the service is also provided for free.

The reason these criminals don't charge is that they take their payment in stolen data. While they send you all the information, they also retain a copy for themselves, which is how they build huge troves of poached images, video and text - ofter much more valuable than a one-off payment.

These iCloud Rippers provide email addresses for users to send the Apple ID (email) and passwords belonging to their victims. The hackers then log onto the victim's iCloud account online and use special software to scrape the entire contents including photos, videos, contact details and notes.

The iCloud Rippers on Anon IB are openly advertising that they use a tool called Elcomsoft Phone Password Breaker which was designed for police to siphon data from iPhones.

Deleting photos is no longer effective

According to analysis by security researcher Jonathan Zdziarski based on the leaked files, the data looks like it originated from a device backup, meaning that the hackers have access to everything on the victim's iPhone.

Zdziarski also points out that while some of those affected said they had deleted the photos a long time ago, the photos would not have been removed from the device backup files which the hackers could delve into. 

While the iCloud Rippers ask for email addresses and passwords, they do indicate that they can work with less information, meaning that even if you only have the person's Apple ID but also their date of birth and answers to possible security questions then you may be able to get access to the accounts.

iCloud Ripping Works Without Password

IBTimes UK contacted four separate iCloud Rippers to talk about what they do and ascertain how much they charge for the service but without a single reply.

Clearly the increased attention on their activities in recent days is not welcome and they are likely to be very wary as authorities in the US are investigating those behind the celebrity leak and will no doubt now be scrutinising everyone involved in the practice.

And this is just one of dozens of forums and image boards where these services are offered, and that is before you even begin to look on the dark web.

Or as Nik Cubrilovic puts it in his detailed blog on the matter: "There is an insane amount of hacking going on."

Cubrilovic says that on the dark web people openly share tips on how to carry out this type of hacking and users are regularly requesting (and receiving) links to the leaked images from earlier this week.

The security researcher believes that the celebrity breach just "scratches the surface" of what is going on:

"There are entire communities and trading networks where the data that is stolen remains private and is rarely shared with the public."

Following the revelations this week, some have questioned if this signals the end of iCloud Ripping, including one poster on Anon-IB:  

Is This the End of iCloud Ripping?

It remains to be seen whether this does signal the end of this practice, but considering that iCloud has been around since 2011, there could be massive stores of private and sensitive information in the hands of criminals who may now look to cash in before they get caught.