A group of hackers calling themselves ‘Turkish Crime Family’ is trying to blackmail Apple into paying them a ransom. They’re threatening to reset iCloud data and remotely wipe out iDevices on April 7 if their demands aren’t met.
In a Pastebin post, the 7-member Turkish Crime Family said that they asked for $100000 per person. They claim to have over 750 million Apple owned extensions out of which 250 million are live. The hackers assert that the credentials were gathered from multiple databases and encompass @icloud.com, @me.com and @mac.com domains.
Worryingly enough, Turkish Crime Family say that the total number of active iCloud accounts in their possession is growing since more people are getting involved and sending them additional data. The group appears to have been in touch with Apple over email, as evidenced by screenshots given to Motherboard by members of the unit.
Turkish Crime Family also uploaded a YouTube video which allegedly depicts them logging into a couple of stolen accounts, allowing them to view backed-up photos and remotely reset devices. Apple seems to have responded to this by asking them to take the video down and warning them of legal action.
Apple later told the publication that no iCloud or Apple ID breaches have taken place. However, it did confirm that the list of email addresses and passwords appear to have been obtained from third-party services. The company is actively working towards preventing unauthorized access and coordinating with law enforcement.
It’s unclear how far back Turkish Crime Family’s cache of stolen data goes and the veracity of their claims. In any case, it would be best for users to activate two-factor authentication, change their passwords, and make sure the key is not being used for another service.