Hackers Threaten to Wipe More Than 300 Million Apple Devices Remotely
A group of hackers that call themselves the “Turkish Crime Family” claim that they have access to more than 300 million accounts of Apple users, including @icloud and @me domains. The group is demanding a ransom of $75,000 in Bitcoin or Ethereum or $100,000 in iTunes gift cards.
The news was first reported by Motherboard. In an email exchange with Motherboard, the hacker said, “I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing.”
In a comment to Motherboard, an Apple spokesperson downplayed the attack, saying, “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”
The spokesperson added that the company is actively monitoring to prevent unauthorized access to user accounts and is working with law enforcement to identify the criminals involved.
At first, the claims did not seem credible because the ransom was so low, the number of stolen passwords seemed too high, and the hackers kept escalating their numbers (from 300 to 559 to 627 million accounts). Recent investigations with about 70,000 purported iCloud accounts released by the hackers to journalists for verification, however, indicate that a number of the stolen accounts are valid.
The best way to avoid falling prey to such cybercriminals is to use strong passwords and, when possible, two-factor authentication.