Icloud Could Be the Weak Link in iPhone Security, According to an Alleged Hunter Biden Leak

Another purported breach of Hunter Biden’s personal information, this time using the “iPhone From Hell,” has set the conservative blogosphere ablaze.

The information was leaked and quickly went viral on 4chan, where a person claimed to have accessed Hunter’s iCloud backup and then recovered the files using a program available on Apple’s cloud backup platform. In what appears to be yet another breach of a sizable amount of personal data from President Joe Biden’s son, the files are currently being examined by 4chan. Hunter Biden left a laptop to a Delaware repair shop in 2020; the owner of the business took it and gave the information to right-wing media sites.

“Iphone contains voice mails, videos, voice recordings, pictures etc of Joe,” the anonymous user wrote on 4chan. “In this ZIP are two folders, one for an ipad and the other for iphone backup.”

Although a number of Hunter Biden images that are exclusive to 4chan have been posted there, Motherboard has been unable to independently authenticate the files or where they came from.

The article includes many pictures of the user interface of an app called iPhone Backup Extractor, which, according to its official website, enables the recovery of “lost iPhone messages, photos, calendars, contacts, notes, locations, and data from iPhone backups and iCloud.”

These screenshots make it likely that this 4Chan member or another person identified Hunter’s iCloud account and subsequently gained access to it, possibly by guessing the password.

They may have then used the iPhone Backup Extractor to look through the information on Hunter’s iPhone and iPad and download any information they deemed intriguing. The business claims in a video demonstrating how the tool works that a user only needs to enter their iCloud login information into the system in order to browse and retrieve data from a cloud backup.

The New York Post allegedly received a copy of a laptop belonging to Hunter from a repair shop in Delaware approximately two years prior to the current Hunter story. Conservatives attempted to derail Joe Biden’s presidential candidacy using the information on the laptop, but they were unsuccessful. The purported information included emails between Hunter and his father as well as images of him purportedly doing crack and engaging in sex.

Hackers have already utilized software to access data on an iPhone in order to obtain highly sensitive personal data, so this wouldn’t be the first time. In 2014, hackers gained access to the highly private images of dozens of celebrities, including Jennifer Lawrence, Kate Upton, and Kirsten Dunst, in part thanks to a forensic tool called Elcomsoft Phone Password Breaker, or EPPB, which was created for police and law enforcement officials to obtain data from the iPhones of alleged criminals. As Wired reported at the time, “EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com.”

This alleged hack-and-leak incident demonstrates how employing iCloud backups might widen the attack surface for prominent targets. On the one hand, it is true that storing your iPhone’s data on Apple’s cloud can open the door for hackers to access your information that would not otherwise be there. It’s also a route that, in theory, is simpler to exploit than going for your iPhone directly (where data is by default encrypted) or attempting to access the phone’s backup, which is only kept on a hard drive or computer.

Data on an iPhone is tougher to extract, but it is still possible if law enforcement has physical access to the device and utilizes a tool like a GrayKey. Privacy experts have cautioned that data on iCloud can be readily subpoenaed because it is not encrypted.

The truth is that most users will find it more convenient to enable automatic backups on iCloud than to remember to plug in their iPhones and use iTunes to perform local backups. Using two-factor authentication and a strong password makes it more difficult for hackers to access an individual’s iCloud account.

“If you’re worried about subpoenas then iCloud is risky, but for everyone else I think a strong password and Apple’s [two step verification] is a strong solution,” Ryan Stortz, a cybersecurity researcher who has experience with iPhone security, told Motherboard in an online chat.

Hunter Biden’s representatives were suggested to Motherboard by the White House, which declined to respond.

An inquiry from Motherboard was addressed to the supposed Hunter email address that is shown in the screenshots from 4chan. The address’s owner didn’t reply.

Christopher Clar, Hunter’s attorney, did not respond to a request for comment right away.