Support NeoGAF

[Majine]

Note: Bring lots of salt. Still, sad!

A single hacker or group of hackers who have identified themselves as the "Turkish Crime Family" allegedly have access to at least 300 million iCloud accounts, but they are willing to delete the alleged cache of data if Apple pays a ransom by early next month, according to a report from Motherboard.

The hackers have allegedly demanded $75,000 to be paid in cryptocurrencies Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards, by April 7, or they will reset a number of the iCloud accounts and remotely wipe victims' Apple devices. The email accounts are said to include @iCloud.com and @me.com addresses.

The report said that the hackers "provided screenshots of alleged emails between the group and members of Apple's security team," while the hackers also shared an unlinked YouTube video that seemingly shows proof of them accessing "an elderly woman's iCloud account" and "the ability to remotely wipe the device."

If the screenshotted email is accurate, which it very well might not be, a member of Apple's security team turned down the ransom, noting that Apple does "not reward cyber criminals for breaking the law."

"We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it's seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law," a message allegedly from a member of Apple's security team reads. (Motherboard only saw a screenshot of this message, and not the original). The alleged Apple team member then says archived communications with the hacker will be sent to the authorities.
Apple did apparently request to see a sample of the dataset, according to the report, but it is unclear if the hackers obliged.

"I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," one of the hackers said.

The report should be treated with a healthy dose of skepticism, as these allegations could be untrue, and Apple has yet to confirm or comment on the matter.

Source

 

[……forgetit]

Only $75k

Small minded hackers.

 

[Skellig Gra]

Set the mark a little low there guys.

 

[Magwik]

75k because they got jack shit

 

[Hippopuncher12]

100k in itunes gift cards? Those dudes must play some gacha games.

 

[Bjoern the Smexy]

Only 75k?

https://www.youtube.com/watch?v=cKKHSAE1gIs

To be paid in Bitcoin, no less?
What the actual fuck?!

 

[iMax]

$100,000 worth of iTunes gift cards

 

[Davidion]

or $100,000 worth of iTunes gift cards

Something tells me they didn't think this whole thing through.

 

[Jarrod38]

Don't worry Kim Dotcom will pay them.

 

[sibarraz]

Are those 75k with the inflation from 1870 right?

 

[blanchot]

$75k per iCloud account?

 

[HotHamBoy]

That's millions in kiddie script money.

 

[kmax]

lol, the balls of these guys.

They're fucked sideways.

 

[FZZ]

lmao

these are either really reasonable and realistic hackers

or they just dumb as shit and are extorting well below what they can

 

[commedieu]

So they're like.. 12. Or from a country with a good exchange rate?

Even then. Risk vs reward.

 

[KraftyKrankins]

or $100,000 worth of iTunes gift cards

Really??? Might as well just give out your address then.

 

[Vilix]

75k because they got jack shit

This. Apple has some of the best security. I doubt there's anything to this.

 

[Viewt]

The fucked up thing here is that Apple would probably pay these guys $75K as a bug bounty if their exploit is as serious as they claim, and they wouldn't have to make threats.

 

[Netherscourge]

So, everyone just change your password.

Problem solved?

 

[Sou Da]

How will we get the Big E sextape now?

 

[BlackGoku03]

They shoulda just did it and used that as a threat for cash. But since they're either not smart or don't have the ability to do so.

 

[Mass_Pincup]

Something tells me they didn't think this whole thing through.

Really??? Might as well just give out your address then.

This is to be resold.

 

[close to the edge]

If they're smart, they are just bluffing. $75,000 is less than pocket change for Apple and they might have thought that they'd just pay it to get it over with or something. If they actually do have access to those accounts, then they are really lowballing it.

 

[BY2K]

Dr.EvilOneMillionDollar.gif

 

[Skel1ingt0n]

And Apple has one of their mid-tier guys do something on the back-end tonight and all is well. Apple has probably one of the strongest private security teams on the planet - I doubt they're worried.

 

[BeforeU]

hahaha 75k or 100k gift card. wtf is this shit.

 

[Netherscourge]

Update: The group claims additional hackers have stepped forward and shared additional account credentials, putting the number of accessible iCloud accounts at over 627 million, according to security-centric website CSO Online.

Now it's 627 million accounts.

 

[Linkstrikesback]

Even if they do have anything... they can't wipe accounts. No way a company like apple doesn't keep meticulous, often, backups of everything.

edit: Oh, I guess they could maybe (lol) wipe a few peoples devices, but they don't have anything anyway, given the absurdly low ransom.

 

[vypek]

75K? LMAO. So they are stupid and don't have anything or is it that they feel the likelihood of getting paid gets much higher when they ask for such a small amount

 

[commedieu]

hahaha 75k or 100k gift card. wtf is this shit.

Some gafer.

 

[Machine]

$75,000

 

[HoodWinked]

apple probably settles for much less to patent trolls on a regular basis. if the hackers have a demonstrable way of showing that they actually have the means to do it and info on how to plug the security hole its probably more economical to do it.

 

[Mass_Pincup]

Now it's 627 million accounts.

More than half a billion?

I wonder how many iCloud account there is.

 

[Daedardus]

Now it's 627 million accounts.

Their nephew overheard them on the playground at school and now he wants a share of the money too.

 

[ElRenoRaven]

I'm torn on this. I agree don't give in to criminals. I want to feel sorry for people that are hacked. At the same time I don't. Maybe it will take something like this to teach all of these people a lesson about securing their shit. But I do know that some just don't know better. So I do feel kind of sorry for those folks. Either way Yea apple should not compromise. Maybe apple can require everyone who isn't using two factor to change their passwords. Maybe some sort of pop up notice on their devices.

 

[Chezzymann]

i want 75k

 

[tuffy]

This whole story is nonsense. Apple could just, I dunno, maybe not process millions of suspect iCloud account resets going through their own system. Or trace where thousands of dollars worth of their own iTunes gift cards have gone to and alert the authorities.

 

[GK86]

75K lol.

 

[Netherscourge]

You can't even buy the next iPhone for $75K.

 

[Somnid]

They have nothing. Even if they did Apple can just suspend wiping of the devices. And even if Apple gave them giftcards they could disable them. This is so stupid.

 

[badcrumble]

I've got the most recent two-factor authentication setup on mine so I'm fine regardless, but these guys sound like they're full of shit too.

 

[Xando]

75k for 300 million accounts?
Yeah seems legit

 

[Zasa]

75k?!

 

[mdubs]

https://www.youtube.com/watch?v=cKKHSAE1gIs

 

[Nafai1123]

100k in iTunes gift cards is absolutely hilarious.

 

[SilentRacoon]

That's like one month worth of rent in SF.

 

[SwiftDeath]

They should offer $100,000 in itunes gift cards

Seems like a fair deal

 

[TankRizzo]

How much longer on those sausages, Charlie?

 

[Juno]

I like to think Apple keep laughing and saying no and then eventually the hackers come back and say...

"Okay, we're prepared to lower our demands... We want 25 new, sealed iPhone 5Cs in Lime Green. And that's our last offer!"

 

[Zeyphersan]

Now it's 627 million accounts.

They ain't got shit