Hackers demanding ransom from Apple provide small sample of valid iCloud credentials


A couple of days ago news broke about a group of hackers calling themselves the Turkish Crime Family claiming they had access to at least 300 million Apple accounts, and were demanding a ransom of $75,000 in Bitcoin or Ethereum or $100,000 in iTunes gift cards directly from Apple. The hackers are threatening to remotely wipe victims' devices if Apple doesn't pay by April 7.

Apple responded to the threat by stating that there had not been any breach of its systems, and that if hackers had access to iCloud accounts then they must have gotten them from third-party services. People often reuse the same credentials across multiple websites, which is a poor security practice.

To prove they’re not joking around, the group recently contacted ZDNet with a small sample of 54 account credentials for verification purposes. Some accounts dated back to 2011 and were no longer in use, but of those that could be contacted by ZDNet, 10 people confirmed that the passwords were accurate.

Now, this doesn’t prove that the hackers have managed to obtain 300,000 credentials, just that they do have access to some. Moreover, most of the people confirmed that they used their iCloud email address and password on other sites, although three claimed that they weren’t used on any other site.

Whether the threat is to be taken seriously or the result of a group of hackers looking for some publicity and the possibility of a quick payout (which we doubt will ever happen), it wouldn’t be a bad idea to change your Apple account password and enable two-factor authentication if you haven’t already done so.

I would have to agree that they shouldn't pay them since that will just encourage more of this. Also, I'm betting they didn't get anything major. If they really wanted to prove they broke in, I would imagine that they would use an Apple exec as a sample.


It's pointless to pay them. They would just come back a week later and demand even more money.


What kind of hackers would even think Apple would pay? It's common sense to not pay 'cause you are just delaying it from happening again.

Dear Apple: Once upon a time I used to train young men to hit targets at 800+ meters with a high level of dependability. Once we agree upon a price, I would propose to put together 10 teams of three that will roam the earth and, on your demand, eliminate such threats. And even if you provide me a bunch of robots, I will still be able to train them as well as provide basic maintenance........