Alleged hackers calling themselves the Turkish Crime Family have demanded that Apple pay ransom in exchange for the massive amounts of email account information and iCloud data they claim to have. They say they will remotely wipe hundreds of millions of Apple customers’ iPhones unless the company pays $75,000 in one of two forms of crypto-currency or hands over $100,000 in iTunes gift cards.
Supposed hackers issue demands to Apple
The group reportedly contacted Motherboard and said they had issued their demands to Apple. They want either $75,000 in bitcoin or ethereum or $100,000 in iTunes gift card in exchange for deleting the data they claim to have. If the iPhone maker doesn’t pay up by April 7, the Turkish Crime Family claims it will remotely wipe its victims’ iPhones on that date.
The group said it had showed Apple a YouTube video which showed how they were able to break into one of the accounts they had hacked into. In that video, the hackers appear to be breaking into an iCloud account owned by an elderly woman and accessing her backed-up photos. The hackers also showed Motherboard the video and a number of screenshots.
They also reportedly gave the website access to one of the email accounts the hackers said they used to communicate with Apple. Motherboard viewed what the hackers claim were messages exchanged with Apple’s security team, although one of the messages the supposed hackers shared was sent only via a screenshot. The website did not see the original email.
Is there reason to panic?
On one hand, you might think that hackers who really had something on Apple would demand much more than what this group wants, but on the other, if you’re an iPhone or iPad user, you may be concerned. However, Motherboard points out that the hackers’ claims were inconsistent. It’s also very easy to fake the so-called “evidence” it was presented.
For example, in one of the emails the website viewed in the account it saw, the group claimed to have access to more than 300 million Apple email accounts, including some with @me and @icloud domains. Another time, the group claimed to have had access to 559 million accounts. The group also didn’t give Motherboard access to any of the email accounts it supposedly had hacked into other than those it showed in the video it uploaded to YouTube.
Motherboard adds that the email account the group gave it access to appears to have sent messages to multiple other media outlets, possibly to pressure Apple. Whether or not the group’s demands are real, users can always reset their passwords and security information. It’s also a good idea to enable two-factor authentication, which makes it much more difficult for your account to be breached.