Skip to main content

Hackers demand Apple pay up or millions of iCloud accounts will be wiped

New report verifies some iCloud credentials stolen by hacking group targeting Apple

A group of hackers is allegedly trying to extort Apple by holding its customers’ data for ransom and threatening to remotely wipe iCloud accounts connected to both iPhones and iPads if those ransoms are not paid.

The group self-identifies as the “Turkish Crime Family,” and it is demanding either $75,000 in Ethereum or Bitcoin or $100,000 in iTunes gift cards, according to a report from Motherboard. The hackers gave Apple an April 7 deadline to meet the demands — or else they will start wiping both phones and iCloud accounts.

Recommended Videos

But is this all legit? New reports indicate so. The hacking group provided tech publication ZDNet with a sample set of the iCloud credentials, and ZDNet was subsequently able to verify the information. How? Well, it used Apple’s password reset tool to verify 54 accounts belonging to U.K.-based iCloud customers.

It’s important to note that while all 54 accounts were valid, ZDNet was only able to verify the actual passwords of 10 people. As part of the verification process, the reporters reached out to all of the victims, and at least one of them noted that their password was changed around two years ago, so the breach could be at least a few years old. Most of the individuals said that they used the same login credentials on other websites — which supports the concept that the group didn’t hack Apple but rather used information from other breaches.

According to Motherboard, one of the hackers claims to have gained access to 300 million Apple email accounts, including those using @icloud and @me domains. Another hacker in the group claimed that the group had access to 559 million accounts in all.

And the group said it’s been in touch with Apple’s security team. A member of the Turkish Crime Family provided screenshots of alleged emails between the group and Apple engineers, as well as a YouTube video of one of the hackers logging into a stolen account.

But a report from The Next Web pokes holes in the group’s claim. At least some of the credentials the Turkish Crime Family provided to the publication “[weren’t] functional,” the publication reported on Wednesday, March 22.

And Apple told Fortune that its security team found no evidence of an infiltration. “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”

In a new statement released Thursday, March 23, the Turkish Crime Family clarified that it collated the collection of iCloud credentials by combing through five years’ worth of compromised databases.

Motherboard notes that the hackers approached multiple media outlets, potentially in an attempt to put pressure on Apple, as hackers sometimes feed information to reporters in order to help extortion efforts.

Apple says it’s working with the authorities to bring the hackers to justice, and it’s likely we haven’t heard the last of this story. We’ll update this article as we hear more.

Article originally published 03-22-2017. Updated on 03-24-2017 by Christian de Looper: Added news that ZDNet verified the information.

Christian de Looper
Christian de Looper is a long-time freelance writer who has covered every facet of the consumer tech and electric vehicle…
Apple will pay up to $1M to anyone who hacks its AI cloud
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Apple just made an announcement that shows it means business when it comes to keeping Apple Intelligence secure. The company is offering a massive bug bounty of up to $1 million to anyone who is able to hack its AI cloud, referred to as Private Cloud Compute (PCC). These servers will take over Apple Intelligence tasks when the on-device AI capabilities just aren't good enough -- but there are downsides, which is why Apple's bug-squashing mission seems like a good idea.

As per a recent Apple Security blog post, Apple has created a virtual research environment and opened the doors to the public to let everyone take a peek at the code and judge its security. The PCC was initially only available to a group of security researchers and auditors, but now, anyone can take a shot at trying to hack Apple's AI cloud.

Read more
I finally tried Apple Intelligence in macOS Sequoia to see if it lived up to the hype
The redeisgned Siri user interface in macOS Sequoia.

For the last few years, Apple’s macOS releases have been interesting, if not particularly exciting. But that’s all set to change this year with the launch of macOS Sequoia, and it’s all thanks to one feature: Apple Intelligence.

Apple’s artificial intelligence (AI) platform has the potential to completely change how you use your Mac on a daily basis. From generating images, rewriting emails, and summarizing your audio recordings to revamping Siri into a much more capable virtual assistant, Apple Intelligence could be the most significant new macOS feature in years.

Read more
How to use iCloud for backups on your iPhone, iPad, or Mac
A splash screen showing the iCloud logo an icons of various Apple apps and services.

Apple’s iCloud platform is more than just cloud storage, as it comes with a massive array of tools and features that take your Apple devices to the next level. Better yet, a large number of these features are entirely free and don't require you to update macOS, though you can pay for extras if you want more functionality. That makes iCloud something that’s both powerful and flexible for Apple fans.

But how exactly do you use it? What is iCloud+, and how much does it cost? You’ll find the answer to these questions and more in our guide below, so read on to get the lowdown on Apple’s cloud platform.
What is iCloud?

Read more