Hacker’s claims are yet to be fully verified as Apple says it won’t pay up for stolen user credentials
A group of hackers calling itself the “Turkish Crime Family” claims to have stolen over 300 million iCloud and other Apple accounts and is demanding a ransom from Apple.
The group wants Apple, one of the world’s richest companies, to cough up $75,000 (£60,000) in crypto-currencies Bitcoin or Ethereum, or $100,000 (£80,000) worth of iTunes gift cards in exchange for deleting the stolen data.
Apple has been given a deadline of 7pm on April 7, after which the group will remotely wipe the accounts allegedly in its possession if no ransom is received.
Speaking to Motherboard, one of the hackers said: “I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing.”
Although the claims have not yet been verified, the group has reportedly uploaded a video to YouTube which appears to show them logging in to some of the stolen iCloud accounts and accessing the user’s backed-up photos.
In the screenshots, Apple requested that the video be taken down and said “we would like you to know that we do not reward cyber criminals for breaking the law”.
Motherboard also says it was shown screenshots of alleged email conversations between the group and Apple’s security team, in which Apple asks if the hackers are “willing to share a sample of the data set?”
Speaking to IBTimes, a member of the Turkish Crime Family said: “We are doing this because the people at Apple are not doing their jobs properly and mainly to spread awareness for Karim Baratov and Kerem Albayrak, which both are being detained for the Yahoo hack and are most likely facing heavy sentencing.”
Dan Sloshberg, cyber resilience expert at Mimecast commented: “The fact that hackers have once again targeted the iCloud highlights the critical need for effective cyber resilience when using cloud platforms.
“Ransom attacks are the most popular method used by cyber criminals today. Perpetrators have simply become too good at it and quietly paying attackers off in the event that networks are breached is quickly becoming the norm and only emboldens them further.”
Think you’re a security pro? Try our quiz!