Apple, iCloud Accounts Stolen? Hackers Blackmailing Apple Over Supposed Stolen Credentials
A group of hackers is trying to blackmail Apple over an alleged collection of stolen credentials for iCloud and other Apple services, according to a report from Motherboard.
The hackers, who go by the “Turkish Crime Family,” have demanded one of the world’s richest companies pay $75,000 in bitcoin or alternative cryptocurrency ethereum or $100,000 in iTunes gift cards in exchange for deleting the user information.
The group has been inconsistent in its reporting of how many accounts have been compromised, but its claims range 300 million to 559 million Apple email accounts, including those ones registered to @icloud and @me domains. A member of the collective told International Business Times they have 210 million accounts in their possession.
"We are doing this because the people at Apple are not doing their jobs properly and mainly to spread awareness for Karim Baratov and Kerem Albayrak, which both are being detained for the Yahoo hack and are most likely facing heavy sentencing," a member of the Turkish Crime Family told IBT.
Read: Stolen Uber Passwords Selling For 40 Cents On The Dark Net As Prices Plummet
The hackers have reportedly provided screenshots of communications they have had with Apple’s security team and access to an account used to contact Apple. The hackers did not provide access to any of the supposed compromised credentials to prove the login information is accurate.
In a video uploaded by the hackers to YouTube, they purport to show a successful login to an Apple account belonging to an older woman. Once logged in, the hackers show they have access to her photos stored in her iCloud. They also highlight the ability to remotely erase the device.
In the alleged conversations with Apple’s security team, the hackers are asked to provide a sample set of the data so Apple can confirm its authenticity. A security team member also asks the hackers to remove the YouTube video and warns their communications will be sent to law enforcement.
Read: Yahoo Confirms Data Breach: Over 500M User Credentials Compromised In Hack
“We would like you to know that we do not reward cyber criminals for breaking the law," one of the messages allegedly from a member of Apple's security team read.
“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers involved in the extortion attempt told Motherboard.
The Turkish Crime Family has given Apple until April 7 at 7 p.m. GMT to pay the ransom for the supposed stolen accounts. If the demands aren’t met, the group is threatening to remotely wipe the devices belonging to the account holders. According to the hackers, they are "process of strengthening our infrastructure for our scripts" and expect erasing the accounts will take about 8 hours to complete.
© Copyright IBTimes 2024. All rights reserved.