blackMORE Ops Learn one trick a day ….
If you are an Apple user and thought that your data was secure, perhaps it’s time you retracted that thought. According to Motherboard, an Information and Technology Security magazine, a gang of hackers going by the name “Turkish Crime Family” allegedly claim a hold of over 200 million iCloud Compromised Accounts.
Following the screenshots of exchanged email communication between Apple and the hackers, they seem to be coercing the company to part with $75000 payable through the untraceable crypto-currency Bitcoin or Ethereum. Alternatively, payment can be made via iTunes gift cards amounting to a total value of $100,000 in exchange. A snippet from their demand
Our calculations:
If everything goes to plan we’ll have enough power to factory reset 150 accounts per minute per script, Our server strength can currently handle 17 scripts per server,– 150 x 17 = 2550 accounts factory reset per minute per server
– 2550 x 250 servers = 637500 accounts per minute
– 637500 x 60 minutes = 38250000 million accounts reset per hour(Also this sum of “$75,000” is very inaccurate and was given to apple by one of our media team which offered $75,000 per person which was later upped to $100,000 per person. There are 7 members in the group. We also requested additional stuff from Apple which we would prefer to keep it private)
The screenshots reveal that Apple security team has been in communication with the gang over the alleged attack. In one of them, a yet to be identified member of the company requested the hackers to share a section of the data set to confirm their claim. The email headers clearly point to the @apple.com domain, but from the independent eye, that is not proof enough as anything can be falsified in this modern day and age of Photoshop.
Motherboard further reports that these BlackHats uploaded a video on YouTube demonstrating their prowess by logging into several of the compromised accounts. In one notable instance, the video shows the hacker accessing an account of an elderly woman which carries backed-up photos, where he can remotely wipe the data off the device.
Here’s the email manifesto from “Turkish Crime Family” added in pastebin
Apple’s response to the attack shows that it is not yet inclined to the payment of the demanded amount. A message from one of the security members reads: “We firstly kindly request you to remove the video that you have uploaded to your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law.” However, someone uploaded the video in youtube again, so here’s the link:
It is clear that the company is not willing to comply at the moment, but as history indicates and as the 7th April deadline approaches, they might come around it and pay the ransom eventually.
200 Million iCloud accounts will be factory reset on April 7 2017
— Turkish Crime Family (@turkcrimefamily) March 21, 2017
This isn’t the first time Apple finds itself drowning in a pit of thorns over the security breach. In 2016, Russian hackers held ransom to over 40 million iCloud accounts where they demanded between $30 and $50 from individual victims. Although this was a personal level attack, Apple stood up for its consumers and aided in counterattacking the hackers. Sometimes even forced to pay the ransom of behalf of the victims.
If you possess Apple devices, what can you do to keep your data secure while awaiting official communication from the company? Here are some tips you can employ.
Change Your iCloud Password
Yes, replace your old password with a stronger and more secure password. Additionally, turn on two-factor authentication on your device. This eliminates the possibility of the hackers using your account as a pawn to lure Apple company to pay the ransom.
Backup Your Data Elsewhere
Have multiple locations of data storage. In case your iCloud data gets deleted, you’ll still have your data intact your backup account.
Pull Down Sensitive Data from Your Account
It’s best if you cross-check your account for any data that would compromise personal privacy or allow access to other accounts. They include other accounts’ password backups, sensitive photos, files, etc.
That said, the attack evidently proves the common notion that security is just an illusion. We can only hope that this will be the last attack on one of the biggest technology firms – that the attempt to engage with the media to increase chances of the ransom payout will fail.
Reference
- Turkish Crime Family Twitter Page
- Alleged Email from Turkish Crime Family
- Hackers: We Will Remotely Wipe iPhones Unless Apple Pays Ransom
- Hackers claim they will wipe iPhones and iCloud accounts unless Apple pays ransom