- 2 months ago
In 2014, private photos of Jennifer Lawrence, Kate Upton, and over 100 other celebrities flooded the internet overnight. The leak, known as The Fappening, wasn’t the work of elite hackers, but five ordinary men using fake “Apple Security” emails. Their phishing scheme exposed the vulnerabilities of iCloud and the dark reality of digital permanence. This is the true story of how a few clicks changed privacy forever.
___________________________________________________________________
🎯 Want to learn the skills these hackers use? Join Blackfiles Academy: https://blackfilesacademy.com/
---------------------------------CREADITES--------------------------------------
YOUTUBE : https://www.youtube.com/@Blackfiles-HD
▶️ BUSINESS: [email protected]
___________________________________________________________________
CHAPTERS
0:00 - Intro
1:01 - The Phishing Expedition
6:28 - The Flood
12:00 - The Manhunt
17:56 - The Aftermath
🔔 Subscribe for more weekly hackers & cybercrime documentaries.
___________________________________________________________________
🎯 Want to learn the skills these hackers use? Join Blackfiles Academy: https://blackfilesacademy.com/
---------------------------------CREADITES--------------------------------------
YOUTUBE : https://www.youtube.com/@Blackfiles-HD
▶️ BUSINESS: [email protected]
___________________________________________________________________
CHAPTERS
0:00 - Intro
1:01 - The Phishing Expedition
6:28 - The Flood
12:00 - The Manhunt
17:56 - The Aftermath
🔔 Subscribe for more weekly hackers & cybercrime documentaries.
Category
😹
FunTranscript
00:00August 31st, 2014.
00:03Jennifer Lawrence's phone explodes with 847 missed calls.
00:07Her agent screams through voicemail,
00:09don't go online, do not go online, but it's too late.
00:13She opens Twitter to see her name trending worldwide,
00:16next to a photo of her naked body she took three years ago.
00:20The image already has 14 million views.
00:23Across Hollywood, 100 other celebrities discover their most private moments
00:28are now public property.
00:30Kate Upton's honeymoon videos,
00:32Scarlett Johansson's bathroom selfies,
00:35Michaela Maroney's photos from when she was 17,
00:38making millions of downloaders felons.
00:41Within 48 hours, the images spread to 17,000 websites
00:45and four victims attempt suicide.
00:48But here's what makes this horrifying.
00:51The hackers were five nobodies who simply sent fake Apple security emails.
00:56So who were these five ordinary men?
00:58And what made them suddenly leak everything?
01:03November 2013.
01:06Ryan Collins sits in his Lancaster basement staring at code on his Dell laptop.
01:11He's copying Apple's password reset page pixel by pixel, changing one line.
01:17Where legitimate resets send data to Apple's servers,
01:20his version routes passwords to Collins data at gmail.com.
01:25He registers Apple privacy security at iCloud.com through a Romanian proxy,
01:30tests the phishing kit on his wife's account,
01:33thing that she will never notice.
01:35Then loads a CSV file containing 4,811 celebrity email addresses,
01:41scraped from IMDB Pro, talent agency leaks, and paparazzi contact sheets.
01:48His first target is Scarlett Johansson's assistant,
01:52whose email was leaked in the 2011 Sony Pictures hack.
01:552,000 miles away in Chicago,
01:58Edward Majorczyk runs a parallel operation from his childhood bedroom.
02:02While his parents watch Jeopardy downstairs,
02:04he sends 18 phishing emails to addresses ending in unitedtalent.com,
02:09wmeentertainment.com, and caa.com, Hollywood's biggest agencies.
02:15His subject lines pull from TMZ headlines.
02:18Urgent, unauthorized access detected from Moscow, Russia,
02:22arrives hours after news breaks of celebrity nude photo threats.
02:26Your iCloud photos may be compromised, lands during the Sony hack coverage.
02:31But Majorczyk has done an innovation.
02:33He times each phishing wave to coincide with real security breaches,
02:37making paranoid celebrities more likely to click.
02:40Between November 2013 and April 2014,
02:44he sends 4,729 emails and 312 people enter their passwords.
02:5130 are household names.
02:53The hackers discovered Apple's fatal flaw.
02:57The Find My iPhone feature allowed unlimited password attempts
03:01through an API endpoint.
03:03Christopher Brannan wrote a Python script
03:05that tried 14,000 common passwords
03:07against celebrity accounts in rapid succession.
03:10When one password failed,
03:12the script tried the next one in the list,
03:14and then the next one, and so on until he got the correct password.
03:18No lockouts, no alerts.
03:21Just infinite attempts at 50 tries per second.
03:25Brannan cracked Jennifer Lawrence's account after 1,847 attempts.
03:30Her password was Nashville2011,
03:34the city and year she filmed Hunger Games.
03:37Rihanna fell after 3,221 tries.
03:42Barbados88, her birthplace and birth year.
03:46Avril Lavigne used Skater Boy, her own song title.
03:50But passwords were just the first door.
03:53Security questions provided access to the account.
03:56What street did you grow up on?
03:59For celebrities, Wikipedia knew the answer.
04:01Mother's maiden name?
04:03Ancestry.com provided full family trees.
04:07First pet's name?
04:09Old MySpace posts from 2004 contained gold mines of personal trivia.
04:15George Garifano discovered Kate Upton's high school mascot, the Rockets,
04:20from a Melbourne Catholic School alumni page.
04:23He found Kirsten Dunst's first dog's name, Biscuit,
04:27in a 1997 newspaper interview about Interview with the Vampire.
04:31Mikayla Maroney's favorite teacher appeared in her hometown paper's Student of the Month feature from 2006.
04:40Each answer unlocked another account, another backup, another thousand photos never meant for public eyes.
04:46The iCloud backup system became their ATM.
04:50When someone logs into iCloud from a new device, Apple sends an alert, unless you're restoring from backup.
04:58The hacker selected Restore from iCloud Backup on iTunes, entered stolen credentials,
05:03and downloaded the entire phone contents without triggering notifications.
05:08Ryan Collins downloaded Jennifer Lawrence's 23-gigabyte backup containing 1,789 photos and 94 videos spanning three years.
05:18The download took four hours on his Comcast connection.
05:21He watched Netflix while photos never meant to be seen transferred to his hard drive.
05:27No alerts reached her phone, no emails warned of access.
05:31Apple's logs showed a routine backup restoration from an iPhone 5C, the same model Lawrence owned.
05:37The best part of this hack is that these weren't master criminals.
05:41Collins forgot to use a VPN for 12 downloads, leaving his real IP address in server logs.
05:47Meierczyk paid for his phishing domains with a PayPal account linked to his actual checking account at Chase Bank.
05:53Garifano screenshotted his trophy photos and accidentally included his Windows username, George G underscore Dell, in the file metadata.
06:01Brannon tested his password cracker on his school district email, leaving traces that led directly to his teacher ID number.
06:07They made every amateur mistake possible, except getting caught.
06:11For 18 months, nobody noticed Hollywood stars were being systematically attacked.
06:16But why did four separate hackers suddenly start hunting celebrity photos within weeks of each other?
06:23And what made them risk everything to release their collections?
06:29August 30th, 2014, 9.30pm.
06:33On the notorious Anon IB forum, 4Shawn's evil twin dedicated to revenge porn, user OriginalGuy posts 12 words that ignite a frenzy.
06:44I have hundreds of celebrity nudes.
06:46Bitcoins welcome.
06:47Samples inside.
06:48More coming.
06:49Attached, there is a censored thumbnail of Jennifer Lawrence that image reverse searches confirm exists nowhere else online.
06:58The post includes a Bitcoin address, and within 10 minutes, blockchain records show 0.2847 Bitcoin, $147, received from 16 different wallets.
07:10OriginalGuy responds with a mega link containing 43 uncensored photos.
07:15At that exact moment, everything got uncontrolled.
07:18By 10.30pm, the Anon IB thread reaches 500 posts as users beg, threaten, and bid for specific celebrities.
07:28Someone offers $1,000 Bitcoin for Emma Watson photos.
07:33Another promises $500 for Taylor Swift.
07:36OriginalGuy stays silent for 47 minutes, then drops the bomb, a file containing 461 photos from 60 celebrities.
07:46The password?
07:47Ironly, it is infected.
07:49A detail that would later help FBI cryptanalysts identify which collections came from which hacker.
07:55At 11.47pm, an anonymous user, likely OriginalGuy on a different IP, migrates to Forshawn's Higher Traffic B board and uploads everything for free.
08:06The business model collapsed.
08:08The chaos began.
08:09Forshawn moderator M underscore L would later testify he deleted over 10,000 posts that night.
08:16For every thread removed, users created five more.
08:19They switched tactics, posting Imgur albums, Anon files links, megafolders, Mediafire archives.
08:27When those got DMCA'd, they used Russian site RGHOST, Chinese platform Baidu, blockchain storage on Swarm.
08:36Even someone uploaded the entire cache to the Pirate Bay disguised as a Linux distribution.
08:41Another user embedded photos in a Minecraft world file that went viral on gaming forums.
08:47By 2am September 1st, Reddit user JohnsMcJohn created a subreddit called TheFappening.
08:54Remember this.
08:55His first post contains Jennifer Lawrence, Kate Upton, Ariana Grande and hundreds of others.
09:02Reddit's infrastructure buckled immediately.
09:04The subreddit gained 10,000 subscribers per hour for six consecutive hours,
09:09a rate that exceeded Reddit's previous record, Obama's 2012 AMA, by 400%.
09:17Amazon Web Services, Reddit's host, registered 7.2 terabytes of traffic to TheFappening in its first day.
09:24More data than Wikipedia transfers in a week.
09:27Reddit's sysadmin blog later revealed the subreddit consumed 141 gigabytes of bandwidth per second at peak,
09:34requiring emergency server allocation that cost $47,000.
09:39The community developed its own ecosystem within hours.
09:42The Fappening discussion for analysis, Fappening archive for organization,
09:47the Fappening SFW for clothed photos that revealed metadata.
09:51Users created spreadsheets tracking which celebrities had leaked, which were confirmed fake, and which were coming soon.
09:58They built browser extensions that automatically downloaded new posts.
10:03They programmed bots that scraped links and reposted to backup sites.
10:08September 1st, 6.45 AM.
10:12Michaela Maroney's lawyer, Jeffrey Steinberger, sends Reddit a letter that changes everything.
10:17Multiple images depict Ms. Maroney when she was underage.
10:21Distribution constitutes a federal crime.
10:24Remove immediately or you will face prosecution.
10:27Reddit CEO Yishan Wang convenes an emergency conference call.
10:31The legal team confirms it.
10:33A quick analysis shows photos dated to 2013 when Maroney was 17.
10:38Anyone who downloaded, shared, or even viewed those specific images technically committed a felony.
10:44The Fappening had become a child pornography distribution network with 141,000 participants.
10:51Within two hours, Reddit bans all Maroney content and posts a stark warning, advising that any underage content would result in a permanent ban and a quick call to the FBI.
11:03But the damage was done.
11:05Conservative estimates placed total downloads at 100 million in the first 48 hours.
11:11Google Trends showed Jennifer Lawrence and Leaked peaked at 100 the maximum score across 19 countries simultaneously.
11:21Pornhub reported 41 million searches for celebrity names that week, crashing their search function.
11:27Even Twitter suspended 3,847 accounts for sharing links.
11:32Yet for every deletion, users found workarounds, spelling the names backwards, using emoji codes,
11:39or creating private telegram channels that grew to 50,000 members each.
11:43The photos achieved true viral permanence, replicated so widely that complete removal became mathematically impossible.
11:50But who made the catastrophic decision to dump everything free on Forshawn?
11:55And why did the other hackers stay silent as their careful work exploded into chaos?
12:02September 2, 2014.
12:05FBI Special Agent Jeff Yesensky's phone buzzes with an emergency directive from the Los Angeles field office.
12:12Operation Fappening is now classified as a priority one cyber investigation involving potential child pornography, wire fraud, and violations of the Computer Fraud and Abuse Act carrying combined maximum sentences of 127 years.
12:27By sunrise, 28 agents across six cities are pulling server logs, ISP records, and Bitcoin blockchain data.
12:36Apple provides 487 gigabytes of access logs.
12:40Google surrenders email metadata for 1,847 accounts.
12:45Reddit delivers IP addresses for every The Fappening moderator and power user.
12:50The digital dragnet deploys.
12:52The Bitcoin trail leads nowhere, the wallet owner used Tor, tumbled coins through three mixing services, and converted to Monero through Shapeshift.
13:02But the phishing emails contain a critical flaw.
13:05Email headers revealing original SMTP servers.
13:09Apple privacy security at iCloud.com routes through smtp.mail.ru.
13:16But the X originating IP header shows 74.96.184.42, a Comcast residential address in Lancaster, Pennsylvania.
13:26Cross-referencing with Apple's logs shows the same IP downloading Jennifer Lawrence's iCloud backup on March 14, 2014.
13:34The subscriber is Ryan Collins, married father of two, no criminal record and works IT support at Lancaster General Hospital.
13:42October 7, 2014.
13:44FBI agents execute simultaneous raids in four states.
13:48In Lancaster, they find Collins' laptop still logged into 12 celebrity iCloud accounts.
13:54His external drive contains 18 folders labeled J-Law, Cupton, Aplaza, each with hundreds of photos.
14:02Browser history shows 14,000 visits to iCloud.com using different credentials.
14:07His Gmail drafts folder contains template phishing emails with subject lines like urgent security alert and verify your account.
14:15When agents ask why, Collins says, I just wanted to see them naked, like everyone else.
14:21He agrees to cooperate immediately, providing passwords for encrypted folders that reveal photos from another 52 victims never leaked publicly.
14:29Chicago agents arrest Edward Meyerczyk at his parents' house during breakfast.
14:35His setup is more sophisticated.
14:37Three laptops, a VPN router, and custom phishing software purchased on a Russian hacking forum for $300.
14:45His Dropbox contains 329 folders organized by celebrity name, net worth, and rating.
14:52One to ten for attractiveness.
14:55File timestamps show he accessed Jennifer Lawrence's account 147 times between March and August 2014.
15:04Meyerczyk's biggest mistake is clear.
15:06He emailed himself ZIP files of stolen photos, creating permanent Gmail records that survived his attempts at deletion.
15:14Under interrogation, he admits to everything but insists, I never posted them online.
15:20I swear to God.
15:22George Garifano's arrest comes with a twist.
15:25Connecticut State Police find zero leaked photos on his devices,
15:29but discover 7.4 terabytes of stolen content from 241 victims, including politicians' wives,
15:36Fortune 500 CEO's daughters, and his own high school classmates.
15:41His journal details two years of methodical hacking.
15:46Investigators realize Garifano represents hundreds of unknown hackers who learned phishing from the same Russian forums,
15:52targeted non-celebrities, and never got caught because their victims never went public.
15:57The celebrity hack wasn't unique.
15:59It was the visible tip of a massive iceberg.
16:02Christopher Brannon nearly escapes.
16:04The former teacher covered his tracks better, used public Wi-Fi, paid for tools with stolen credit cards,
16:11and communicated through encrypted channels.
16:13But he made one fatal error.
16:15He hacked his own sister-in-law to test his methods, and she reported the intrusion to police in 2013.
16:22That report sat unexamined until FBI agents connected her case to the celebrity hacks through matching phishing templates.
16:29When arrested, Brannon's classroom computer at Lee Davis High School contains password lists for 200 accounts, including 15 current students.
16:38His teaching career ends with federal charges that ultimately result in the harshest sentence,
16:4334 months in federal prison plus lifetime registration as a sex offender due to the underage content.
16:50By 2019, five men serve a combined 96 months in federal prison for the celebrity hacks.
16:57Collins gets 18 months and pays $75,000 restitution.
17:02Majerczyk serves nine months and undergoes court-ordered therapy for internet addiction.
17:08Garofano receives eight months and lifetime ban from social media.
17:13Herrera, caught later, gets 16 months after agents discover he accessed his neighbor's Gmail 495 times out of obsession.
17:22Yet the original, original guy who posted everything on Forshon remains unidentified.
17:28FBI analysis suggests he wasn't one of the arrested hackers but someone who obtained the photos through trading rings,
17:35then destroyed all evidence after the leak.
17:38His Bitcoin wallet sits untouched, $4,731 in cryptocurrency that nobody has claimed in 10 years.
17:47How did a simple phishing scam expose the deeper nightmare of mass surveillance?
17:51And what happened to the victims forced to live with permanent digital violation?
17:56Jennifer Lawrence cancels three days of X-Men promotion.
18:01Her publicist's phone receives 847 media requests in 72 hours.
18:07During her FBI interview at the Los Angeles field office, security footage shows her shaking uncontrollably,
18:14requiring two breaks to manage panic attacks.
18:17Agent Yasensky's report describes,
18:19Subject became extremely distressed when shown evidence photos,
18:23required medical attention for hyperventilation.
18:26Later, she tells Vanity Fair,
18:29I can't really describe the feeling.
18:32It's like being stripped naked in a stadium filled with people who hate you.
18:37Except the stadium is planet Earth and it never ends.
18:40Her words capture what 104 confirmed victims experienced,
18:45digital rape that continues every time someone searches their name on Russian forums,
18:50where the photos still circulate.
18:53Apple's damage control begins September 2nd,
18:56with Tim Cook's emergency statement claiming no iCloud breach occurred.
19:00Technically true, but deliberately misleading.
19:03Internal emails leaked in 2021 reveal Apple knew about the Find My iPhone vulnerability since 2012,
19:10but deemed fixing it low priority because it hadn't been exploited yet.
19:15Within 96 hours of the fappening,
19:17Apple patches 14 security holes,
19:20enforced rate limiting on password attempts,
19:22mandatory two-factor authentication for iCloud backups,
19:26email alerts for any backup download,
19:28IP logging for all access attempts,
19:31automatic account locks after five failed attempts,
19:34capture requirements for password resets,
19:37and inability to restore backups without confirming via trusted device.
19:42The company never admits these changes relate to the celebrity hacks,
19:46calling them routine security enhancements.
19:50The legal aftermath reshapes revenge porn legislation nationwide.
19:55Before 2014, only three states had specific laws against non-consensual pornography distribution.
20:02By 2019, 46 states pass criminal statutes with penalties ranging from misdemeanors to five-year felonies.
20:11California's SB-1255 specifically criminalizes hacking to obtain intimate images,
20:18directly inspired by the fappening, with mandatory minimum sentences.
20:23The SHIELD Act passes Congress, making image-based sexual abuse a federal crime.
20:29Platform liability changes too.
20:32Section 230 gets carved out for non-consensual pornography,
20:36making sites legally responsible for hosting stolen intimate content.
20:40Reddit, Twitter, and Facebook implement photo DNA hashing to automatically detect and block
20:47previously identified intimate images.
20:50Technology originally developed for child abuse material now repurposed for adult revenge porn.
20:55Yet, the Internet's memory proves permanent.
20:58Security researcher Troy Hunt's analysis finds fappening photos on 17,000 distinct domains as of 2024.
21:06Russian forum deepwebporn.ru hosts complete archives behind seven proxies and three jurisdictions.
21:13Telegram channels with 400,000-plus members share vintage leaks daily.
21:18AI face-swap technology makes verification impossible.
21:22Any photo could be real or generated.
21:25Jennifer Lawrence's stolen images appear in deepfake porn videos with 50 million combined views.
21:31Kate Upton discovers her leaked photos printed in a Serbian magazine.
21:35Michaela Maroney finds her underage images on a Brazilian revenge porn site
21:39that operates openly despite international warrants.
21:42The hackers went to prison, but their theft achieved digital immortality.
21:47The psychological scars run deeper than any sentence.
21:50Therapy bills from 37 victims total $3.7 million.
21:55Four celebrities attempt suicide in the year following the leak,
21:59their names sealed in court documents.
22:01Twelve quit entertainment permanently.
22:04Aubrey Plaza develops agoraphobia, unable to leave her house for three months.
22:09Gabrielle Union suffers PTSD flashbacks triggered by camera phones.
22:14Mary Elizabeth Winstead describes feeling murdered but still walking around.
22:19These women didn't just lose privacy.
22:21They lost the ability to exist in public without wondering who had seen them naked.
22:25Who had saved those photos?
22:27Who was looking at them right now while talking to them at Starbucks or their kids' school or the grocery store?
22:32The hack exposed Silicon Valley's biggest lie that our data is safe in the clouds.
22:38Every major platform suffered breaches post-fappening.
22:42Yahoo lost 3 billion accounts.
22:45Equifax exposed 147 million social security numbers.
22:50Facebook leaked 533 million phone numbers.
22:53Twitch dumped its entire source code.
22:56LinkedIn, Adobe, MyFitnessPal, Marriott, Twitter.
23:00All hemorrhaged data affecting billions.
23:03The celebrity hack wasn't an anomaly but a preview.
23:06Today, dark net markets sell cloud ripping tools for $50,
23:11automated phishing kits for $200,
23:13and step-by-step video tutorials on hacking iCloud accounts that rack up millions of views before removal.
23:19The fappening didn't end.
23:22It evolved into an industry.
23:24But here's the question nobody asks.
23:26If the fappening was just five amateurs who got caught,
23:30how many professionals never did?
23:32While you were watching celebrities lose everything to fake emails,
23:36something far worse was happening.
23:38The same year these hackers went to prison,
23:41professionals breached a database containing passport numbers,
23:45credit cards, and home addresses of 500 million travelers,
23:49including yours if you stayed at a Marriott between 2014 and 2018.
23:55Watch what happened in this video.
23:57The hack that exposed 500 million travelers.
24:00The digital authors was built in a expositing store on Microsoft Mobile.
24:06This is one of the most visible artifacts that already emerged that there's a very large
Be the first to comment