Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Hackers attempt to extort Apple with threat to remotely wipe iPhones, iPads

Last updated

Hackers are allegedly trying to extort Apple by holding its customer's data for ransom, with threats to reset a number of supposedly compromised iCloud accounts and remotely wiping connected iPhones and iPads if they are not paid.

The group, self-identified as the "Turkish Crime Family," want either $75,000 in the Ethereum or Bitcoin cryptocurrencies or $100,000 in iTunes gift cards from Apple, reports Motherboard. Apple has been given a deadline of April 7 to meet their demands, or else the hackers will start wiping the accounts and iOS devices.

The hackers provided screenshots to the report that allegedly showed conversations with Apple's security team, as well as providing temporary access to an email account supposedly used for communicating with Apple as further proof. In one message said to be from Apple, an unnamed security team member asks the hackers "are you willing to share a sample of the data set?," possibly to confirm accounts were genuinely breached.

The hackers have also allegedly uploaded a video to YouTube, showing them accessing some of the stolen accounts and viewing stored data, as further proof of their capabilities.

Another message supposedly from Apple asked for the removal of the YouTube video, before advising "We do not reward cyber criminals for breaking the law." In the same message, the security team claims an archive of communications with the hacking group will be sent to authorities.

The extent of the potential damage to iCloud accounts the hackers can cause is questionable, with an initial claim of access to over 300 million Apple email accounts on the @icloud and @me domains later changed to 559 million accounts. It is also noted the compromised accounts provided to the report to verify the hacker's claims were in fact the accounts featured in the YouTube video, with no credentials provided for any other account under the group's control.

It is also possible the hackers went to the report in order to try and apply pressure from the media to coerce payment from Apple, with Motherboard seeing multiple messages to outlets in the email account it was given access to. "I just want my money and though this would be an interesting report that a lot of Apple customers would be reading and hearing," the hackers wrote in a message to the report.

It is unclear exactly how the hackers acquired access to so many accounts, though it is unlikely to have been via a breach of Apple's servers. It is plausible for the account credentials to have been acquired through other means, such as the account holders using the same email address and password combination for other services which have suffered a major breach, or through social engineering.

As part of an investigation into the leaks of compromising photos of celebrities from iCloud accounts, Apple discovered that it was caused through social engineering, hackers successfully phishing for hundreds of account credentials. So far, two hackers pleaded guilty to the activities, with one sentenced to 18 months in prison, and another for nine months, as well as restitution.