Threatwatch

Revenge porn mastermind accused of ID theft

Social engineering; User accounts compromised

Hunter Moore, creator of, IsAnyoneUp, a site featuring nude photos juxtaposed with Facebook profiles, was arrested for allegedly accepting images that were not voluntarily submitted.

Many photos on the site were “revenge porn,” sent in by angry exes. The victims pictured could go after the ex who violated their privacy by sending the picture, but not Moore. He cited as protection a law that shelters sites from getting sued for what users post.

“Despite how despicable many felt his site was, Moore was mostly in the legal clear for what he was doing until resorting to hacking,” Forbes’ Kashmir Hill reports. “What’s odd is that Moore claimed to me to have a ‘never-ending supply of photos.’ If the allegations are true, either he was lying or the extra invasion of privacy involved in hacking photos never meant to be shared was too appealing to resist.”

Moore finally was arrested along with Chris ‘Gary Jones’ Evens and charged with hacking and conspiracy to hack. “Moore allegedly offered Evens $250 for naked photos of ‘6 guys and 6 girls,” Forbes reports.

Evens allegedly hacked into people’s Gmail and Yahoo email accounts for photos, even allegedly managing to circumvent Google’s two-factor authentication with some social engineering.

Acknowledging that what they were doing was illegal, the pair created new email addresses for cover. Evens would submit the hacked photos via the site’s submission platform. Moore at one point also used his mother’s email address.

One target -- Kayla Laws, a 25-year-old aspiring actress in L.A. -- claimed that she had taken sexy selfies with her phone that she emailed to herself, but that she never shared them with others. She said they could only have been obtained through hacking.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves. 

sector

Social Media

reported

January 24, 2014

reported by

Forbes

number affected

Unknown

location of breach

Unknown

perpetrators

Criminals

location of perpetrators

California, United States

date breach occurred

between October 2011 and March 2012

date breach detected

Unknown