• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Hackers blackmailing Apple for $75K or will wipe 300m iCloud accounts

Status
Not open for further replies.

Majine

Banned
Note: Bring lots of salt. Still, sad!

Macrumors said:
A single hacker or group of hackers who have identified themselves as the "Turkish Crime Family" allegedly have access to at least 300 million iCloud accounts, but they are willing to delete the alleged cache of data if Apple pays a ransom by early next month, according to a report from Motherboard.

The hackers have allegedly demanded $75,000 to be paid in cryptocurrencies Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards, by April 7, or they will reset a number of the iCloud accounts and remotely wipe victims' Apple devices. The email accounts are said to include @iCloud.com and @me.com addresses.

The report said that the hackers "provided screenshots of alleged emails between the group and members of Apple's security team," while the hackers also shared an unlinked YouTube video that seemingly shows proof of them accessing "an elderly woman's iCloud account" and "the ability to remotely wipe the device."

If the screenshotted email is accurate, which it very well might not be, a member of Apple's security team turned down the ransom, noting that Apple does "not reward cyber criminals for breaking the law."

"We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it's seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law," a message allegedly from a member of Apple's security team reads. (Motherboard only saw a screenshot of this message, and not the original). The alleged Apple team member then says archived communications with the hacker will be sent to the authorities.
Apple did apparently request to see a sample of the dataset, according to the report, but it is unclear if the hackers obliged.

"I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," one of the hackers said.

The report should be treated with a healthy dose of skepticism, as these allegations could be untrue, and Apple has yet to confirm or comment on the matter.

Source
 

iMax

Member
$100,000 worth of iTunes gift cards

rh2Ue.gif
 

FZZ

Banned
lmao

these are either really reasonable and realistic hackers

or they just dumb as shit and are extorting well below what they can
 

Viewt

Member
The fucked up thing here is that Apple would probably pay these guys $75K as a bug bounty if their exploit is as serious as they claim, and they wouldn't have to make threats.
 
They shoulda just did it and used that as a threat for cash. But since they're either not smart or don't have the ability to do so.
 
If they're smart, they are just bluffing. $75,000 is less than pocket change for Apple and they might have thought that they'd just pay it to get it over with or something. If they actually do have access to those accounts, then they are really lowballing it.
 

Skel1ingt0n

I can't *believe* these lazy developers keep making file sizes so damn large. Btw, how does technology work?
And Apple has one of their mid-tier guys do something on the back-end tonight and all is well. Apple has probably one of the strongest private security teams on the planet - I doubt they're worried.
 
Update: The group claims additional hackers have stepped forward and shared additional account credentials, putting the number of accessible iCloud accounts at over 627 million, according to security-centric website CSO Online.


Now it's 627 million accounts.
 
Even if they do have anything... they can't wipe accounts. No way a company like apple doesn't keep meticulous, often, backups of everything.

edit: Oh, I guess they could maybe (lol) wipe a few peoples devices, but they don't have anything anyway, given the absurdly low ransom.
 

vypek

Member
75K? LMAO. So they are stupid and don't have anything or is it that they feel the likelihood of getting paid gets much higher when they ask for such a small amount
 

HoodWinked

Member
apple probably settles for much less to patent trolls on a regular basis. if the hackers have a demonstrable way of showing that they actually have the means to do it and info on how to plug the security hole its probably more economical to do it.
 

ElRenoRaven

Member
I'm torn on this. I agree don't give in to criminals. I want to feel sorry for people that are hacked. At the same time I don't. Maybe it will take something like this to teach all of these people a lesson about securing their shit. But I do know that some just don't know better. So I do feel kind of sorry for those folks. Either way Yea apple should not compromise. Maybe apple can require everyone who isn't using two factor to change their passwords. Maybe some sort of pop up notice on their devices.
 

tuffy

Member
This whole story is nonsense. Apple could just, I dunno, maybe not process millions of suspect iCloud account resets going through their own system. Or trace where thousands of dollars worth of their own iTunes gift cards have gone to and alert the authorities.
 

Somnid

Member
They have nothing. Even if they did Apple can just suspend wiping of the devices. And even if Apple gave them giftcards they could disable them. This is so stupid.
 
I've got the most recent two-factor authentication setup on mine so I'm fine regardless, but these guys sound like they're full of shit too.
 

Juno

LIAR and a FELON
I like to think Apple keep laughing and saying no and then eventually the hackers come back and say...

"Okay, we're prepared to lower our demands... We want 25 new, sealed iPhone 5Cs in Lime Green. And that's our last offer!"
 
Status
Not open for further replies.
Top Bottom