Celebrities all over the world have become priority targets for cybercriminals, who take advantage of public figures’ meager security risks and data protection for mobile devices knowledge to compromise sensitive information for their own benefit.
This seems to be the case in South Korea, where recent reports claim that Samsung Galaxy smartphones from many celebrities have been hacked. Attackers threaten victims with revealing their private information (contacts, photos, videos, conversations) if they do not receive a ransom.
Apparently the hackers managed to compromise Samsung’s cloud storage to extract confidential information and extort the victim, demanding ransoms of between 50 million South Korean won (over $40k USD) and one billion won ($850k USD). In addition, researchers on data protection methods were able to gather evidence on the attacks, including some leaked confidential files.
Local media claim that the celebrity list is extensive, although the names of those affected by this scam are reserved. However, they claim that the list includes popular actors and actresses, singers, film directors, celebrated chefs, among others, even claim that a young South Korean singer was the victim of this attack and paid the hackers a large sum of money to safeguard your information.
One of the initial reports on the incident identifies actor Zhu Zhenmo as one of the first victims of this extortion campaign; by not responding to threats from hackers, the actor’s private conversations were exposed on the Internet. Data protection specialists believe that public figures are more likely to fall into this kind of blackmail, as they prefer to pay hackers than to expose themselves to public scandals due to the leaking of their private files.
Recently the International Institute of Cyber Security (IICS) reported a potential spyware developed by the Chinese company Qihoo 360 present in the latest Samsung Galaxy models marketed in Asia, so it would be worth while the company review its security standards in the face of the possible presence of a vulnerability exploited by threat actors to steal information and expose users of these devices.