Hackers Claim Access to 300 Million iCloud Accounts, Say Apple Refused to Pay $75,000 Ransom

Discussion in 'iOS Blog Discussion' started by MacRumors, Mar 22, 2017.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    A single hacker or group of hackers who have identified themselves as the "Turkish Crime Family" allegedly have access to at least 300 million iCloud accounts, but they are willing to delete the alleged cache of data if Apple pays a ransom by early next month, according to a report from Motherboard.

    [​IMG]

    The hackers have allegedly demanded $75,000 to be paid in cryptocurrencies Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards, by April 7, or they will reset a number of the iCloud accounts and remotely wipe victims' Apple devices. The email accounts are said to include @icloud.com, @me.com, and @mac.com addresses.

    The report said that the hackers "provided screenshots of alleged emails between the group and members of Apple's security team," while the hackers also shared an unlinked YouTube video that seemingly shows proof of them accessing "an elderly woman's iCloud account" and "the ability to remotely wipe the device."

    If the screenshotted email is accurate, which it very well might not be, a member of Apple's security team turned down the ransom, noting that Apple does "not reward cyber criminals for breaking the law."
    Apple did apparently request to see a sample of the dataset, according to the report, but it is unclear if the hackers obliged.

    "I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," one of the hackers said.

    The report should be treated with a healthy dose of skepticism, as these allegations could be untrue, and Apple has yet to confirm or comment on the matter.

    Update: The group claims additional hackers have stepped forward and shared additional account credentials, putting the number of accessible iCloud accounts at over 627 million, according to security-centric website CSO Online.

    Article Link: Hackers Claim Access to 300 Million iCloud Accounts, Say Apple Refused to Pay $75,000 Ransom
     
  2. zorinlynx macrumors 601

    zorinlynx

    Joined:
    May 31, 2007
    Location:
    Florida, USA
    #2
    Might be a good time to:

    1) Make sure you have your own independent backup of all your data in iCloud. You should do this regardless of hacker threats.
    2) Change your Apple ID password.
    3) Check your signed-in devices list for any devices you don't recognize, and remove them.
    4) For the love of whatever deity you believe in, enable two-factor authentication. C'mon, people. :)
     
  3. djlythium macrumors 6502

    djlythium

    Joined:
    Jun 11, 2014
    #3
    This is equally disturbing, and comical, as the hackers are like "APPLE! GIVE US MONEY! ...Or, you know, just free iTunes stuff. Either will do."
     
  4. gmanist1000 macrumors 68030

    gmanist1000

    Joined:
    Sep 22, 2009
    #4
    Grandma doesn't know how to do any of that :(
     
  5. Michaelgtrusa macrumors 604

    Michaelgtrusa

    Joined:
    Oct 13, 2008
    Location:
    Everywhere And Nowhere
    #5
    In light of the china server scam this might be true.
     
  6. Rainshadow macrumors member

    Rainshadow

    Joined:
    Feb 16, 2017
    #6
    Go get a job. Certainly these skills could be used in the real world and could net you more than a measly $75,000.

    Just wow.
     
  7. imicca macrumors member

    imicca

    Joined:
    Nov 15, 2013
    Location:
    Yerevan, London
    #7
    "Turkish Crime Family"
    Hate to say this but, it does not look like Turks learn anything that history teaches them.
    Worst possible name ever for a hacking group. Could not come up with something creative? Looks like a name of bunch of thugs who attack tourists.
     
  8. zorinlynx macrumors 601

    zorinlynx

    Joined:
    May 31, 2007
    Location:
    Florida, USA
    #8
    Those iTunes cards get resold (at a loss; note they want more $ in gift cards than in cash), so it's the same thing. They're just greedy criminal scum.
     
  9. Corrode macrumors 6502a

    Corrode

    Joined:
    Dec 26, 2008
    Location:
    Calgary, AB
    #9
    This is a very real concern. I can handle these steps, but can my parents? (Maybe we need to have an iCloud security party )
     
  10. JustSomeInfo macrumors newbie

    Joined:
    Nov 28, 2016
    #10
    If I could delete 300 million iCloud accounts, I'd ask for more than $75,000
     
  11. zorinlynx macrumors 601

    zorinlynx

    Joined:
    May 31, 2007
    Location:
    Florida, USA
    #11
    I'm actually going to sit with my mom this week and make sure she has 2FA enabled on her account/phone. Everyone should teach their parents and family about security practices if you are able.
     
  12. mollyc macrumors regular

    Joined:
    Aug 18, 2016
  13. jvaska macrumors 6502

    Joined:
    Feb 18, 2002
    Location:
    Haiti/NYC
    #13
    Doesn't every Apple account id have an icloud account (email) with it? I don't use mine...I don't want it...but there it is...
     
  14. zorinlynx macrumors 601

    zorinlynx

    Joined:
    May 31, 2007
    Location:
    Florida, USA
    #14
    Log into icloud.com and go to settings. The list of signed in devices will show at the bottom.
     
  15. mollyc macrumors regular

    Joined:
    Aug 18, 2016
    #15
    Thanks, just found that! I never log into iCloud because I don't actually use it.
     
  16. tkukoc macrumors 6502a

    tkukoc

    Joined:
    Sep 16, 2014
    Location:
    USA
    #16
    Going with... don't think so. You want iTunes gift cards as payment.. have icloud account information of random people? Good grief why would anyone buy into this nonsense, there's more holes here then swiss cheese.
     
  17. jimothyGator macrumors member

    jimothyGator

    Joined:
    Jun 12, 2008
    Location:
    Atlanta, GA
    #17
    You can also do this at https://appleid.apple.com, which is where you can set up two-step verification.
     
  18. DiamondGCoupe macrumors 6502

    Joined:
    Nov 12, 2007
  19. jvaska macrumors 6502

    Joined:
    Feb 18, 2002
    Location:
    Haiti/NYC
    #19
    Apple doesn't even provide my country with 2 factor setup. Goddamn!
     
  20. WordsmithMR macrumors 6502

    WordsmithMR

    Joined:
    Mar 17, 2015
    Location:
    Murica
    #20
    Wouldn't it be easier to provide the activated iTunes gift cards and then wipe them?
     
  21. Yod4 macrumors newbie

    Yod4

    Joined:
    Sep 12, 2014
    #21
    If the hack is based on password theft, Apple could push all (affected) users to change passwords immediately in order to neutralize the offenders. If it is some other kind of (server based) exploit, well then changing passwords wouldn't be of any help anyway.
     
  22. oneMadRssn macrumors 68040

    oneMadRssn

    Joined:
    Sep 8, 2011
    Location:
    Boston, MA
    #22
    Yes. To me, this is the give-away. They clearly picked an amount that is high enough for them to justify faking it all, but low enough to be a mere nuisance to Apple. If they were serious, they would be asking for millions.
     
  23. LordQ macrumors 68040

    LordQ

    Joined:
    Sep 22, 2012
    #23
    Am I the only one who just got a "Session Expired" on all my Apple products? :S
     
  24. Yod4 macrumors newbie

    Yod4

    Joined:
    Sep 12, 2014
    #24
    It seems like the hackers are trying to gain credibility by using the recent much-publicized Twitter hack by a Turkish group (who knew Turkey made hackers, right?). I'm calling BS.
     
  25. dannys1 macrumors 68000

    dannys1

    Joined:
    Sep 19, 2007
    Location:
    UK
    #25
    Sounds like a kid bought a hacked iCloud account from the dark web and then tried to hold Apple web chat to ransom :D
    --- Post Merged, Mar 22, 2017 ---
    No, that happens all the time, in fact far too frequently for my liking. I wish there was an option on iOS devices to not have to enter your Apple ID password for no reason what so ever on a regular basis too.
     

Share This Page