Alleged Hunter-Biden leak shows iCloud can be the weak link in iPhone security


Credit: Kris Connor/WireImage/Getty Images

The conservative blogosphere is aflame with another suspected leak of Hunter Biden’s personal information, this time the “iPhone From Hell”.

The leak went viral on 4chan, where a user claimed to have hacked into Hunter’s iCloud backup and then used a tool that allowed users to restore files from Apple’s cloud backup site. The files are now being dissected by 4chan in what appears to be another leak of a vast amount of personal information from President Joe Biden’s son. In 2020, Hunter Biden left a laptop at a Delaware repair shop, the contents of which were taken by the shopkeeper and shared with conservative media.

“The iPhone contains voice messages, videos, voice recordings, pictures, etc. of Joe,” the anonymous user wrote on 4chan. “There are two folders in this ZIP, one for an iPad and the other for an iPhone backup.”

Motherboard has not been able to independently verify the files or their provenance, although a number of photos of Hunter Biden, which do not appear anywhere else on the web, have been posted to 4chan.

The post includes several screenshots showing the interface of a tool called iPhone Backup Extractor, which according to the tool’s official websiteallows to recover “lost iPhone messages, photos, calendars, contacts, notes, locations and data from iPhone backup and iCloud”.


The screenshots posted in the 4Chan thread. (Picture: motherboard)

Given these screenshots, it’s plausible that this 4Chan user or someone else figured out Hunter’s iCloud account and then hacked into it, perhaps by guessing the password.

At this point, they could have used iPhone Backup Extractor to explore the contents of Hunter’s iPhone and iPad and downloaded the data that they found interesting. In a video showing how the tool worksthe company says a user can simply enter iCloud credentials into the software to then browse and restore files from the cloud backup.

This new Hunter scandal comes almost two years after this New York Post claimed to have received a copy of a laptop from Hunter from a repair shop in Delaware. Conservatives tried – and failed – to use the laptop’s contents to torpedo Joe Biden’s presidential campaign. The alleged dates included emails between Hunter and his father and photos of him allegedly doing crack and having sex.

This wouldn’t be the first time hackers have used software to access data on an iPhone to obtain sensitive personal information. In 2014, hackers partially accessed the highly personal images of dozens of celebrities including Jennifer Lawrence, Kate Upton, and Kirsten Dunst with a forensic tool designed for police officers and law enforcement agencies to obtain data from the iPhones of suspected criminals, dubbed Elcomsoft Phone Password Breaker or EPPB. As Wired reported at the time, “EPPB allows anyone to pose as a victim’s iPhone and download their full backup, rather than the more limited data accessible on”

This apparent hack-and-leak shows that using iCloud backups can increase the attack surface for high-profile hacking targets. On the one hand, it’s true that storing your iPhone’s data in Apple’s cloud can provide a way for hackers to get hold of your data that wouldn’t otherwise be there. And it’s a way that’s theoretically easier to exploit than aiming straight at your iPhone (where data is encrypted by default) or trying to get the phone’s backup, which is only stored on a hard drive or computer.

Privacy experts have warned that data on iCloud can be easily preloaded since it is not encrypted; Data on an iPhone is more difficult to extract, although it can be done if law enforcement has physical access to the device and uses a tool like a GrayKey.

The reality is that most people prefer to turn on automatic backups in iCloud instead of thinking about plugging in their iPhones and using iTunes for local backups because it’s more convenient. If you use a strong password and two-factor authentication, it becomes relatively difficult to hack into your iCloud account.

“If you’re worried about subpoenas then iCloud is risky, but for everyone else I guess a strong password and Apple’s [two step verification] is a strong solution,” Ryan Stortz, a cybersecurity researcher with experience in iPhone security, told Motherboard in an online chat.

The White House declined to comment, referring Motherboard to Hunter Biden’s representatives.

Motherboard has sent a request for comment to the email address allegedly belonging to Hunter that is included in the 4chan screenshots. The owner of the address did not reply.

Hunter’s legal representative, Christopher Clar, did not immediately respond to a request for comment.

Subscribe to our podcast CYBER. Subscribe to our new Twitch channel.

Leave a Comment

%d bloggers like this: