Posted on 03/22/2017 12:17:49 PM PDT by Swordmaker
“A hacker or group of hackers is apparently trying to extort Apple over alleged access to a large cache of iCloud and other Apple email accounts,” Joseph Cox reports for Motherboard. “The hackers, who identified themselves as ‘Turkish Crime Family’, demanded $75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data.”
“The hackers provided screenshots of alleged emails between the group and members of Apple’s security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple,” Cox reports. “‘Are you willing to share a sample of the data set?’ an unnamed member of Apple’s security team wrote to the hackers a week ago, according to one of the emails stored in the account.”
“Now, the hackers are threatening to reset a number of the iCloud accounts and remotely wipe victim’s Apple devices on April 7, unless Apple pays the requested amount,” Cox reports. “According to one of the emails in the accessed account, the hackers claim to have access to over 300 million Apple email accounts, including those use @icloud and @me domains. However, the hackers appear to be inconsistent in their story; one of the hackers then claimed they had 559 million accounts in all.”
Read more in the full article here.
“‘I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,’ one of the hackers told [Motherboard],” Hyacinth Mascarenhas reports for International Business Times. “To prove their claims, members of the hacking group reportedly provided Motherboard with screenshots of alleged emails between the group and Apple’s security team and access to an email account reportedly used to communicate with the Cupertino company.”
“The group is also said to have given the site a video, uploaded to YouTube, allegedly showing them browsing through a number of stolen iCloud accounts,” Mascarenhas reports. “According to the emails allegedly exchanged between Turkish Crime Family and Apple, a member of the company’s security team asked them to take down the YouTube video ‘as it’s seeking unwanted attention’ and said they ‘do not reward cyber criminals for breaking the law.’ The team member also warned that archived communications with the group would be sent to the authorities.”
“Members of the group were also reportedly inconsistent about their claim with one of the hackers claiming they had 559 million accounts,” Mascarenhas reports. “The Turkish Crime Family Twitter account, however, claims 200 million iCloud accounts will be affected in the April cyberattack.”
Read more in the full article here.
MacDailyNews Take: If true, somebody should tell these jokers that crime doesn’t pay*.
Hi Sword, thanks for the suggestion to change the AppleId. Hope you’re feeling well these days. I’m now shopping for new phone. The smaller models like SE are my current fav. But you’ve mentioned security improvements with each new iphone. I just wish they’d shrink these “phones” a bit from mini ipad territory. I know millenials are surfing more with their phones but geez! Have I reached the age of heading out to pasture? (rhetorical question, don’t answer)
It probably cost Apple more than that to asses the threat.
Sounds like to me that these guys were able to get Apple ID credentials through social engineering not via “hacking”.
True, although I hate changing passwords. Some I've kept for years. Guess I'll have to change the "12345!54321" to "54321!12345". (People, don't copy my password for yourself!)
That’s from the original series “V”, where reptilians came to earth to “save” us. FOR THEIR DINNER!
Agreed.
Highly unlikely this could be done.
“Skateboards, a new PlayStation, Doritoss and a lot of cheese...moose cheese.
I have had two-factor for a couple of years. . . so I am not too worried. I will also make a backup to my computer, but that's a normal housekeeping thing in case I lose my iPhone or iPad. Both things are possible and should be done in any case.
$75 K wouldn't pay for a semester of college here. I'm convinced this is a hoax. I particularly like the petulant comment from the "Turkish Crime Family," a name which implies a large organized group, of "I just want my money," a statement which implies one lone guy, whining away in his basement. LOL!
Isn't she the head alien in "V"?
Maybe this will stop the “ not enough storage for back up” crap I get on my iPhone. I hate that. Deleted every photo/ video on it and they still try to sell me storage.
The biggest security risk out there is Facebook.
The second is any app or tool written in Java.
Android is mostly Java.
This makes apps much easier to write for Android.
Also much easier to hack.
Hackers should be hacked...repeatedly in my view...with a dull machete...until the cows come home...and the cows should be fifty miles from home.
I keep getting the “Dear Apple user. Your account has been locked. Enter your password below or all information will be deleted.” I’m all... “Go try John Podesta.”
They can get to Android also. I don’t think anything is really safe.
When the cows come home they should crap on them. . .
It works well. I’ve a ridiculous number of apps, music, photos, videos, etc “on” the iPhone, but Apple has done good in staging stuff to iCloud when running low on space. I expect they’ll start “virtual uninstall” for seldom-used apps, re-downloaded and restoring data as needed.
Sometimes putting seemingly problematic limitations on common issues is a good way to find better solutions. Shoving in more memory is one thing; making it easy to off-load content to limitless servers, and restore on demand, is better.
“Deleted every photo/ video on it and they still try to sell me storage.”
Probably because it still retained “deleted” content for a month to make sure you really meant it.
...says the guy whose device could be breached by simply entering a very long user ID.
Is it that easy to hack a droid phone? I didn’t realize that.
Password actually, and it’s slightly more involved than just that, but truly is a staggeringly simple vulnerability. Details here: http://sites.utexas.edu/iso/2015/09/15/android-5-lockscreen-bypass/
Many (most?) Android devices are still vulnerable, because the product range is so fragmented.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.