Hackers demand Apple pay ransom or they'll remotely wipe iDevices

Shawn Knight

Posts: 12,597   +124
Staff member

A group of hackers calling themselves the Turkish Crime Family claim to have access to at least 300 million Apple accounts. In speaking with Motherboard, the hackers say they’ve been in contact with Apple’s security team regarding a ransom of $75,000 in Bitcoin or Ethereum (another decentralized blockchain-based distributed computing platform) or $100,000 in iTunes gift cards.

The team reportedly provided the publication with access to an e-mail account and screenshots of e-mails between them and Apple’s security team. The hackers also shared a YouTube video in which it appears as though they log into some stolen accounts including one allegedly belonging to an elderly woman. Said account includes backed-up photos as well as the ability to remotely wipe her device.

In an alleged reply from Apple, the company asks the hackers to remove the video uploaded to YouTube as it is seeking unwanted attention. The Cupertino-based company goes on to say that they do not reward cyber criminals for breaking the law and that the communications with them will be sent to the authorities.

The publication says the hackers have told Apple they will reset a number of the iCloud accounts and remotely wipe victim’s devices on April 7 unless the ransom is paid.

As Motherboard notes, there are some inconsistencies in the hackers’ story. At one point, they claimed they had 559 million accounts, not 300 million. Also, it’s not all that difficult to fake screenshots and e-mails. Then again, it’s entirely possible that they do have access to the accounts but are keeping details close to the vest.

Barring any legal intervention or patches, I suppose we’ll find out either way come April 7. In the meantime, it wouldn’t be a bad idea to change your Apple account password and enable two-factor authentication if you haven’t already done so.

Permalink to story.

 

Camikazi

Posts: 982   +339
Google is never my only backup, if this were to happen to me I would clear the device myself and start over.
 

Uncle Al

Posts: 7,485   +5,992
Could be cheaper for Apple to hire a few European "Professionals" to track down these boys and give them a little CTL-ALT-DEL .... you know, to put them back on the right path to sainthood ...... LOL
 

Lurker101

Posts: 850   +386
Honestly, I don't think Apple should pay. Once you pay, it sends out a clear message not only to this group but to others also that these attacks and tactics work and so, there will be more of them.
Potentially wiping live devices is a huge problem and one the security team should be immediately looking into resolving, but most people should (but probably don't) have important data backed up on non-networked physical media such as external hard drives and usb keys.
 

cuerdc

Posts: 211   +62
Fake news, surely would have wiped a few million then request ransom. Or possible legit except all fake accounts. Would of been better served on April 1st.
 

kapital98

Posts: 333   +261
Honestly, I don't think Apple should pay. Once you pay, it sends out a clear message not only to this group but to others also that these attacks and tactics work and so, there will be more of them.
Potentially wiping live devices is a huge problem and one the security team should be immediately looking into resolving, but most people should (but probably don't) have important data backed up on non-networked physical media such as external hard drives and usb keys.
Is it possible this has to do with Wikileaks releasing government loopholes? If so, it shouldn't be too hard to patch.

With that said: Apple should reply to this with strong counter-intelligence. Many companies do this. Give a reward to any hacker that can find a security flaw within your system. Sign an NDA with the hacker, pay them, and then implement a patch.

The last thing you would want to do is pay a hacker ransom. Then it just releases the floodgates. By having counter-intelligence you are essentially providing insurance for your products.
 

j05hh

Posts: 189   +57
Could be cheaper for Apple to hire a few European "Professionals" to track down these boys and give them a little CTL-ALT-DEL .... you know, to put them back on the right path to sainthood ...... LOL
The Boogeyman- John Wick is on the case
 

ddferrari

Posts: 471   +226
TechSpot Elite
"but are keeping details close to the vest"

I assume you mean "close to the chest"
And your assumption would be wrong. Try Google next time before you post- it took me all of five seconds to type in "close to the vest" and discover that it is a real phrase... and think about it: where does one wear a vest? Why, over the chest!

Idioms
16.
play it close to the vest, Informal. to avoid taking unnecessary risks.

http://www.dictionary.com/browse/play--close--to--the--vest