Alleged Hunter Biden leak shows iCloud may be weak link in iPhone security


Image: Kris Connor/WireImage/Getty Images

The conservative blogosphere is on fire with another alleged leak of Hunter Biden’s personal data, this time the ‘iPhone From Hell’.

The leak went viral on 4chan, where a user claimed to have hacked into Hunter’s iCloud backup and then used a tool that allowed users to recover files from Apple’s cloud backup site. The files are now being dissected by 4chan in what appears to be another leak of a massive amount of personal data from President Joe Biden’s son. In 2020, Hunter Biden left a laptop in a Delaware repair shop, the contents of which were taken by the shop owner and shared with conservative media.

“Iphone contains voicemails, videos, voice recordings, photos, etc. of Joe,” the anonymous user wrote on 4chan. “In this ZIP are two folders, one for an ipad and the other for the iphone backup.”

Motherboard has been unable to independently verify the files or their provenance, although a series of photos of Hunter Biden that do not appear elsewhere on the internet have been posted on 4chan.

The message is accompanied by several screenshots that show the interface of a tool called iPhone Backup Extractor, which, according to the tool’s official website, can recover “messages, photos, calendars, contacts , notes, locations and iPhone data lost on iPhone”. backups and iCloud.


Screenshots posted on the 4Chan thread. (Picture: motherboard)

Given these screenshots, it’s plausible that this 4Chan user or someone else discovered Hunter’s iCloud account and then hacked into it, possibly guessing the password.

At this point, they could have used the iPhone Backup Extractor to explore the contents of Hunter’s iPhone and iPad and download any data they found interesting. In a video that demonstrates how the tool works, the company says a user can simply enter iCloud credentials into the software and then explore and recover files from cloud backup.

This new Hunter scandal comes almost two years after the New York Post claimed to have obtained a copy of a laptop belonging to Hunter from a Delaware repair shop. Conservatives tried — and failed — to use the laptop’s contents to torpedo Joe Biden’s presidential campaign. The alleged data contained emails between Hunter and his father, and photos of him allegedly doing crack cocaine and having sex.

It wouldn’t be the first time that hackers have used software to access iPhone data to get their hands on sensitive personal information. In 2014, hackers accessed the very personal photos of dozens of celebrities such as Jennifer Lawrence, Kate Upton and Kirsten Dunst, in part using a forensic tool designed for cops and law enforcement. in order to obtain data from the iPhones of suspected criminals, which was called Elcomsoft Phone Password Breaker or EPPB. As Wired reported at the time, “EPPB allows anyone to impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on”

This apparent hack-and-leak shows that using iCloud backups can increase the attack surface for high-level hacking targets. On the one hand, it’s true that putting your iPhone data on Apple’s cloud can give hackers a way to get your data that otherwise wouldn’t be there. And it’s an avenue that, in theory, is easier to exploit than directly targeting your iPhone (where data is encrypted by default), or trying to get the phone backup that’s only stored on hard drive or computer.

Privacy experts have warned that data in iCloud can be easily subpoenaed because it’s not encrypted; data on an iPhone is more difficult to extract, although it can be done if law enforcement has physical access to the device and uses a tool like GrayKey.

The reality is that most people would rather turn on automatic backups to iCloud than remember to plug in their iPhone and use iTunes to make local backups because it’s more convenient. If one uses a strong password and two-factor authentication, it becomes relatively difficult to hack into one’s iCloud account.

“If you’re worried about subpoenas, iCloud is risky, but for everyone else, I think a strong password and Apple’s [two step verification] is a solid solution,” Ryan Stortz, a cybersecurity researcher who has experience with iPhone security, told Motherboard in an online chat.

The White House declined to comment, referring Motherboard to Hunter Biden’s representatives.

Motherboard sent a request for comment to the email address believed to belong to Hunter and contained in the 4chan screenshots. The owner of the address did not respond.

Hunter’s legal representative, Christopher Clar, did not immediately respond to a request for comment.

Subscribe to our podcast, CYBER. Subscribe to our new Twitch channel.

Harry D. Gonzalez