Group Demands Apple Pay Ransom for iCloud Credentials

apple-ransom-demand
Apple has received a ransom threat from a hacking group claiming to have access to data for up to 800 million iCloud accounts. The hackers, said to be a group called the “Turkish Crime Family,” have threatened to reset passwords and remotely wipe the iPhones of millions of iCloud users if Apple fails to hand over a total of $700,000. They have given the company an ultimatum to respond by April 7

Apple reportedly has denied that the group succeeded in hacking its systems, maintaining that it obtained the email addresses and passwords from previously compromised third-party services. Apple is working with law enforcement on the threats.

The data set in the iCloud hack matches the data found in the 2012 hack of 117 million accounts on LinkedIn, according to some published reports.

However, the Turkish Crime Family strongly denied that in a message to TechNewsWorld on Friday.

Correcting the Message

The initial reports of a ransom demand of just $75,000 were incorrect, the group said in response to our email query. It actually demanded $100,000 for each of its seven members, plus “extra stuff from Apple that are worth more to us than money,” which it promised Apple it would keep secret.

The group also told TechNewsWorld that the only member based in London is Kerem Albayrek, who is facing charges related to listing a hacked Yahoo database for sale. It claimed that its iCloud ransom demands were in part to spread awareness of Albayrek, as well as of Karim Baratov, a Canadian resident charged earlier this month, along with a second hacker and two Russian FSB agents, in the 2014 breach of 500 million Yahoo account holders.

The group told TechNewsWorld that it showed Apple scan logs that contain 800 million iCloud accounts, and that Apple claimed the data had come from outside sources.

The group said it planned to launch a website that would list iCloud user names, last names, dates of birth and a captcha of their current location from an iCloud app.

The site will not disclose passwords initially, the group said, but it would do so “most probably in the future.”

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s