Hackers Claim Access To 300 Million iCloud Accounts, Demand $75,000 From Apple To Delete the Cache of Data

A hacker or group of hackers calling themselves the "Turkish Crime Family" claim they have access to at least 300 million iCloud accounts, and will delete the alleged cache of data if Apple pays a ransom by early next month. Motherboard is reporting that the hackers are demanding "$75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data." From the report: The hackers provided screenshots of alleged emails between the group and members of Apple's security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple. "Are you willing to share a sample of the data set?" an unnamed member of Apple's security team wrote to the hackers a week ago, according to one of the emails stored in the account. (According to the email headers, the return-path of the email is to an address with the @apple.com domain). The hackers also uploaded a YouTube video of them allegedly logging into some of the stolen accounts. The hacker appears to access an elderly woman's iCloud account, which includes backed-up photos, and the ability to remotely wipe the device. Now, the hackers are threatening to reset a number of the iCloud accounts and remotely wipe victim's Apple devices on April 7, unless Apple pays the requested amount. According to one of the emails in the accessed account, the hackers claim to have access to over 300 million Apple email accounts, including those use @icloud and @me domains. However, the hackers appear to be inconsistent in their story; one of the hackers then claimed they had 559 million accounts in all. The hackers did not provide Motherboard with any of the supposedly stolen iCloud accounts to verify this claim, except those shown in the video.

Two factor

[Chewbacon]

Let's see if all this 2-factor authentication is everything it's cracked up to be!

$75k?

[Moheeheeko]

Do they know its Apple they have by the balls?

Re:$75k?

[wonkey_monkey]

Yeah, they're realy under-pricing their hoard, assuming they really have it.

I wonder if they just compromised enough accounts via other means in the hopes of passing light scrutiny and $75,000 was the most they thought they might possibly get away with asking for without anyone bothering to take a closer look.

heart cloud

[fluffernutter]

Love the cloud. Love the cloud. Love the cloud. Love the CLOUD.

Re:heart cloud

[n329619]

Love the cloud

There is no cloud. It's just someone else's computer.

Re:When people are dumb enough to rely on the clou

[Striek]

I can't believe shit like this gets modded up. People like you - the ones who blame the user - give people like me a bad name.

They put it on iCloud - as far as they know, THAT IS A FUCKING BACKUP. They have independently set up an iCloud backup, as far as they are aware. Calling them stupid does nothing to address the cause, which in your example, is a shitty user interface provided by Apple that did not adequately inform the user of the effects of the action in question.

No, they do not "deserve" this. They made a simple mistake. We all do. Believing an iCloud copy is a reliable backup is a perfectly reasonable assumption to a layperson. They have a copy on their iPhone, and a backup copy in an iCloud account. Or conversely, they have a copy in an iCloud account, and a backup stored on their iPhone - THEIR OWN FUCKING MEDIA.

You seem to not understand that not everyone should be expected to maintain the level of knowledge you have on this matter. They don't understand it - so they place their trust in Apple - who, by all accounts, should know a hell of a lot more about this matter than they do.

Some prudent tips I have shared with friends

[technicalnotebook]

While time will tell the extent of this, I have been recommending the following to my friends (copied verbatim from https://www.facebook.com/stuar... ).

As a precaution, here are some prudent tips:
1. Log into your Apple Account at https://appleid.apple.com/ and enable two-factor authentication if you haven't already (see https://support.apple.com/en-a...) .
2. While you are there, if you have not changed your password in a while, consider doing that too (https://support.apple.com/en-au/HT201355).
3. As the threats include the threat of remotely wiping devices, you can disable this on each of your iCloud connected devices. See Macworld's good article on how to do this for each device type: http://www.macworld.co.uk/how-... . Note that if you do this, you will also be unable to use the Find my iPhone/iPad/Mac feature. Until more details come out, personally I feel this is acceptable given the risk.
4. When you are logged in at https://appleid.apple.com/acco..., check to ensure there are no devices you do not recognise under 'Devices'.
5. For the next few weeks, periodically do a local backup using iTunes of your iDevices. See https://support.apple.com/en-a... and click on 'Use iTunes'. I recommend you also set a backup password, this encrypts the backup and stores additional information making a future restore easier.
6. As always, BACKUP BACKUP BACKUP. For your Mac, I would already hope you have backups in place. If not, my favourite is CrashPlan http://crashplan.com/ and I have used it for years/put many friends onto it also.
Time will tell what will happen with these accounts, it never hurts to take a few prudent steps until the community at large knows more.