Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Man pleads guilty to hacking celebrity Apple accounts for spending spree

A man has pleaded guilty to U.S. Justice Department charges of hacking into the Apple accounts of famous athletes and musicians, using them to embark on a spending spree.

Victims included "rappers" as well as "college and professional athletes," including people in the NBA and NFL, the Justice Department said while declining to name specific people. The hacker, Kwamaine Jerell Ford of Georgia, began targeting accounts in March 2015 with a phishing scheme, pretending to be an Apple support representative needing logins, passwords, and/or the answers to security questions.

Ford convinced people this was necessary to reset an account or access videos people were sending, the Department elaborated. In reality he set about hijacking accounts by resetting passwords, changing email contacts, and editing security questions. Apple is said to have recorded "hundreds" of unauthorized logins.

This in turn gave Ford access to the credit cards of several people, which were used to rack up "thousands of dollars" in furniture, travel expenses, and direct money transfers.

Ford was originally indicted on six counts in April 2018, including charges of wire fraud, computer fraud, access device fraud, and aggravated identity theft. In the end he pleaded guilty to just one count of computer fraud and one of identity theft. A sentencing hearing is scheduled for June.

Phishing is a recurring problem with Apple and other platform holders. The best-known Apple-related incident was "Celebgate," which targeted over 200 iCloud, Yahoo, and Facebook accounts owned by celebrities and others. With some celebrities, nude photos were stolen and spread rapidly online.

The best defenses against phishing are enabling two-factor authentication and maintaining a skeptical attitude, since Apple support representatives don't contact people out of the blue or demand login information.



14 Comments

🕯️
the monk 11 Years · 93 comments


Victims included "rappers" as well as "college and professional athletes," including people in the NBA and NFL, the Justice Department said while declining to name specific people. The hacker, Kwamaine Jerell Ford of Georgia, began targeting accounts in March 2015 with a phishing scheme, pretending to be an Apple support representative needing logins, passwords, and/or the answers to security questions.
.

I guess I shouldn’t be surprised, but strange how this phishing scheme still works. Remember years back using that dialup app called AOL, and there would be an eyesore text warning in messenger warning them an AOL rep would never contact them for their password through email or IM? But no, people still fell for it.

🕯️
lkrupp 19 Years · 10521 comments


Ford was originally indicted on six counts in April 2018, including charges of wire fraud, computer fraud, access device fraud, and aggravated identity theft. In the end he pleaded guilty to just one count of computer fraud and one of identity theft. A sentencing hearing is scheduled for June.

Why the plea bargain? If they had him they had him. He’ll probably get off with a short time in prison. What about restitution to his victims? I think we need to make the penalties for this kind of thing much harsher for deterrence. Hackers like him are no different from the street thugs and muggers.

❄️
entropys 13 Years · 4318 comments

A man has pleaded guilty to U.S. Justice Department charges of hacking into the Apple accounts of famous athletes and musicians, using them to embark on a spending spree.
Kwamaine Jerell Ford of Georgia, began targeting accounts in March 2015 with a phishing scheme, pretending to be an Apple support representative needing logins, passwords, and/or the answers to security questions

so which is it? Hacking, or a Phishing attack? Because one exploits a weakness of Apple, while the other exploits the weakness of celebrities. A very important difference.

mac_dog 16 Years · 1084 comments

lkrupp said:

Why the plea bargain? If they had him they had him. He’ll probably get off with a short time in prison. What about restitution to his victims? I think we need to make the penalties for this kind of thing much harsher for deterrence. Hackers like him are no different from the street thugs and muggers.

Why restitution? More important is accountability. Something that will...say...leave a lasting impression so it doesn’t happen again. There is no accountability in this country anymore.