Hackers attempt to extort Apple with threat to remotely wipe iPhones, iPads

Posted in iCloud, edited March 23
Hackers are allegedly trying to extort Apple by holding its customers' data for ransom, with threats to reset a number of supposedly compromised iCloud accounts and remotely wipe connected iPhones and iPads if they are not paid.




The group, self-identified as the "Turkish Crime Family," want either $75,000 in the Ethereum or Bitcoin cryptocurrencies or $100,000 in iTunes gift cards from Apple, reports Motherboard. Apple has been given a deadline of April 7 to meet their demands, or else the hackers will start wiping the accounts and iOS devices.

The hackers provided screenshots to the report that allegedly showed conversations with Apple's security team, as well as providing temporary access to an email account supposedly used for communicating with Apple as further proof. In one message said to be from Apple, an unnamed security team member asks the hackers "are you willing to share a sample of the data set?," possibly to confirm accounts were genuinely breached.

The hackers have also allegedly uploaded a video to YouTube, showing them accessing some of the stolen accounts and viewing stored data, as further proof of their capabilities.

Another message supposedly from Apple asked for the removal of the YouTube video, before advising "We do not reward cyber criminals for breaking the law." In the same message, the security team claims an archive of communications with the hacking group will be sent to authorities.




The extent of the potential damage to iCloud accounts the hackers can cause is questionable, with an initial claim of access to over 300 million Apple email accounts on the @icloud and @me domains later changed to 559 million accounts. It is also noted the compromised accounts provided to the report to verify the hackers' claims were in fact the accounts featured in the YouTube video, with no credentials provided for any other account under the group's control.

It is also possible the hackers went to the report in order to try to apply pressure from the media to coerce payment from Apple, with Motherboard seeing multiple messages to outlets in the email account it was given access to. "I just want my money and thought this would be an interesting report that a lot of Apple customers would be reading and hearing," the hackers wrote in a message to the report.

It is unclear exactly how the hackers acquired access to so many accounts, though it is unlikely to have been via a breach of Apple's servers. It is plausible for the account credentials to have been acquired through other means, such as the account holders using the same email address and password combination for other services which have suffered a major breach, or through social engineering.

As part of an investigation into the leaks of compromising photos of celebrities from iCloud accounts, Apple discovered that they were caused by social engineering, with hackers successfully phishing for hundreds of account credentials. So far, two hackers have pleaded guilty to the activities, with one sentenced to 18 months in prison and another to nine months, as well as restitution.

Comments

  • Reply 1 of 28
    smaffei Posts: 117 member
    Change your Apple ID password and turn on Two-step verification to prevent any further nonsense.
  • Reply 2 of 28
    zorinlynx Posts: 166 member
    This is a stern reminder to ALWAYS make sure you have a complete backup of your data independent from iCloud and other online services. Do NOT depend solely on cloud services to store your precious data as it only takes one incident like this to nuke it all.
  • Reply 3 of 28
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 


  • Reply 4 of 28
    urahara Posts: 131 member
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 


    why? because they can sell it on the black/grey market with the discount for the same 75k USD?
  • Reply 5 of 28
    NY1822 Posts: 263 member
    so they have the power to take down the largest company in the world and all they want is $100k....not buying it
  • Reply 6 of 28
    Maybe this explains the two calls I've gotten this week from 844-413-7015 telling me that they've noticed suspicious activity on my iCloud account, and I should call them back at 844-467-8693 before using any Apple devices. Actually, they said to call them "on" that number, and I'm always a little suspicious of people that use British English with an American accent.  

    Fishy, and phishy. 
  • Reply 7 of 28
    asdasd Posts: 4,513 member
  • Reply 8 of 28
    mac_128 Posts: 2,770 member
    Fortunately I don't backup anything to iCloud, and my iOS devices are all encrypted back-up to my Mac via wireless iTunes sync. I don't keep sensitive info on iCloud, so hack away!
  • Reply 9 of 28
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 


    ROFL, this is EXACTLY the image the article evoked in my mind, too.   "We've got you now, Apple, and you will pay us ONE HUNDRED THOUSAND DOLLARS!  Bwaa-haaa-haaa!!!"
    edited March 22
  • Reply 10 of 28
    ktappe Posts: 702 member
    urahara said:
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 
    why? because they can sell it on the black/grey market with the discount for the same 75k USD?
    Because if Apple supplies them gift cards, in return for them disclosing the breach, then Apple can turn around and disable those gift card codes, leaving them with nothing. The same as the police recording the serial #'s of bills supplied as ransom payment.
  • Reply 11 of 28
    asdasd Posts: 4,513 member
    ktappe said:
    urahara said:
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 
    why? because they can sell it on the black/grey market with the discount for the same 75k USD?
    Because if Apple supplies them gift cards, in return for them disclosing the breach, then Apple can turn around and disable those gift card codes, leaving them with nothing. The same as the police recording the serial #'s of bills supplied as ransom payment.
    so it is moronic to ask for them then.

    This is almost certainly just a total group of amateurs
  • Reply 12 of 28
    If these kids are indeed capable, guaranteed they can earn much much more than 75k as white hats.
  • Reply 13 of 28
    gatorguy Posts: 15,920 member
    Maybe this explains the two calls I've gotten this week from 844-413-7015 telling me that they've noticed suspicious activity on my iCloud account, and I should call them back at 844-467-8693 before using any Apple devices. Actually, they said to call them "on" that number, and I'm always a little suspicious of people that use British English with an American accent.  

    Fishy, and phishy. 
    I received a very official looking email from "Apple" this past week noting suspicious activity and asking me to log-in to view. I ignored it since I have nothing of any value stored on iCloud anyway. I also often use a VPN which might make my location appear suspicious (it has on some sites/log-ins).  Based on this article I might take another look at it later today. 

    EDIT: I guess I won't have a look again. I've already deleted it. 
    edited March 22
  • Reply 14 of 28
    asdasd Posts: 4,513 member
    starwars said:
    If these kids are indeed capable, guaranteed they can earn much much more than 75k as white hats.
    They have nothing
  • Reply 15 of 28
    wiggin Posts: 2,238 member
    ktappe said:
    urahara said:
    "$100,000 in iTunes gift cards"

    LOLOL. 15 year olds from some town in Oregon confirmed. 
    why? because they can sell it on the black/grey market with the discount for the same 75k USD?
    Because if Apple supplies them gift cards, in return for them disclosing the breach, then Apple can turn around and disable those gift card codes, leaving them with nothing. The same as the police recording the serial #'s of bills supplied as ransom payment.
    But it's not as if they are going to spend the gift cards themselves. They sell them to unsuspecting 3rd parties who then find out they paid for worthless gift cards. Apple wouldn't lose any money, but the hackers still get theirs. And the 3rd parties learn a very important lesson about buying such things only from reputable sources.
    edited March 22
  • Reply 16 of 28
    Is it phishing season already?
  • Reply 17 of 28
    ...once the horse has left the barn (offsite cloud anything) does one by definition risk losing control...?
    I keep asking if Apple might incorporate iCloud and Certificates into Server...?
    Something perhaps along the lines of owncloud.org ?
    edited March 22
  • Reply 18 of 28
    badmonk Posts: 561 member
    Apple needs to make iDrones just for these types of situations.
  • Reply 19 of 28
    linkman Posts: 557 member

    It is unclear exactly how the hackers acquired access to so many accounts, though it is unlikely to have been via a breach of Apple's servers. It is plausible for the account credentials to have been acquired through other means, such as the account holders using the same email address and password combination for other services which have suffered a major breach, or through social engineering.
    There is no way to have obtained credentials for 559 million Apple accounts through social engineering. It's even doubtful that they could have gotten that many through hacking other sites where users use the same id/password combo. How many Apple accounts are out there? Even if it's a billion then that would mean over half use the same -- very unlikely. The hackers got a few accounts compromised and are trying to exploit this small sample as success for almost every account.
  • Reply 20 of 28
    They have managed to get a few accounts by social engineering. Both my wife and I have gotten several e-mails during the past month telling us there was suspicious activity on our iCloud accounts. Of course there was a link there to click on to verify our information. I'm sure it would have taken us to a look-alike site, and asked us to enter our username and password.