Apple is reportedly in the grip of a very public extortion attempt, with the blackmailers promising to wipe 200 million iCloud accounts and reset the iPhones to factory default if they do not receive tens of thousands of dollars.
The hackers claim to have access to hundreds of million iCloud accounts which they've promised to use to reset customers' iPhones if they do not receive US $75,000 (£60,000) in bitcoin, or US $100,000 (£80,000) in iTunes gift cards by 7 April.
Motherboard, a tech news outlet, broke the story yesterday, having been tipped off by the extortionists. The group handed over screenshots of a conversation that it had supposedly had with Apple's security team and an account which was apparently used to communicate with the team. It did not, however, hand over details of any accounts which might verify the group's claims.
In the correspondence between the two groups, The Turkish crime family claims to have access to 300 million apple email accounts, only then to change that number to 559 million accounts.
According to Twitter accounts thought to be associated with the group, the number of accounts in its possession has increased to 627 million, and the group claims to be strengthening its infrastructure for the upcoming assault.
The Twitter account also promised more attacks and that this assault on iCloud accounts would only be its first.
We are a new organization, the 7 April 2017 attack isn't going to be our only one. This is just the start.— Turkish Crime Family (@turkcrimefamily) March 21, 2017
Publicity is often sought by hackers to help further their extortion efforts. Not only did the hackers publish a video showing them accessing accounts, but according to Motherboard, went to multiple outlets before approaching them.
Apple has not yet responded for comment. This article will be updated when it does.
The Turkish Crime Family's claims have yet to be verified. If they are legitimate, David Kennerly, director of threat research at Webroot told SC Media UK, “The consequences for Apple and its millions of users would be far reaching.”
Dan Sloshberg, cyber resilience expert at Mimecast explained to SC that such tactics are not uncommon. In fact, “Ransom attacks are the most popular method used by cyber-criminals today. Perpetrators have simply become too good at it and quietly paying attackers off in the event that networks are breached is quickly becoming the norm and only emboldens them further.”
An Apple spokesperson told SC that there have not been any breaches of Apple's systems and that the list of email addresses and passwords seems to have been taken from breaches on third-party services. Apple are "monitoring to prevent unauthorised access to user accounts and are working with law enforcement to identify the criminals involved."