14 DAY TRIAL // Over the weekend, documents obtained by Gawker reporter Sam Biddle revealed the name of the second suspect investigated by US authorities in the famous nude celebrity hack of 2014, also known as The Fappening or Celebgate.
Last September, US courts unsealed the first documents related to The Fappening investigation. The documents were search warrants that revealed that FBI agents from the Chicago office raided the home of Emilio Herrera, a young man suspected of hacking the email and iCloud accounts of over 100 celebrities, stealing and then leaking private images and videos.
Herrera was never arrested but only had his home searched on October 15, 2014. The documents also noted that the suspect's IP addresses accessed 572 unique iCloud accounts on 3,263 different occasions between May 31, 2013, and August 31, 2014.
Last Friday, new documents relating to this investigation were released and showed that on the same day, October 15th, 2014, the FBI searched the home of a second suspect, Ed Majerczyk, also from Chicago.
Majerczyk and Herrera hacked different persons
The FBI says that Mr. Majerczyk registered the [email protected] email address, similar to the official [email protected] address, and conducted basic social engineering and phishing campaigns to trick various celebrities into revealing their passwords.
Court documents don't name the celebrities, but only use name initials like J.L., K.U., J.V. and A.L. J.L. could stand for Jennifer Lawrence, K.U. for Kate Upton, and J.V. for Justin Verlander, all victims of The Fappening.
The court documents from Herrera's investigation linked him to other celebrities with initials that hint at hacks against Abigail Spencer, Christina Hendricks Hope Solo, Jennette McCurdy, Olivia Wilde, Anna Kendrick, Emily Browning, and Amber Heard.
FBI says that Majerczyk accessed 330 unique iCloud accounts over 600 times. As Herrera, Majerczyk was not arrested.
Escape goats or the real hackers?
Some questions linger around the fact that people crafty enough to create complex phishing campaigns were not able to hide their home IP addresses, one of the first things a hacker ever learns.
The common belief is that both Herrera and Majerczyk seem to be escape goats, who had their computers infected and used as a proxy to download the iCloud files and then transferred them to the real perpetrators.
Additionally, none of the two seems to have hacked the same celebrities. This makes them look as intermediary hosts as the real hacker switched mules between hacking attempts.
Of course, the two could have also worked together, but the documents don't establish any link between them, except their home city of Chicago.
You can view all the FBI documents on Majerczyk online here, and Herrera here.