Members of the group which calls itself Turkish Crime Family claim that they’ve been involved in selling databases of stolen credentials for the past few years.
“The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.” reported ComputerWorld.
The members of the group are originally from Istanbul, but now seem to be located in Green Lanes, an area in North London.
The situation is not so critical, changing the iCloud passwords will make ineffective the operation of the crooks. As usual, let me suggest also to enable two-factor authentication.
Initially, the Turkish Crime Family crew asked Apple a $75,000 ransom in Bitcoin or Ethereum cryptocurrency. Now the group has increased its request raising the ransom value to $150,000, and the group intends to increase it further if Apple doesn’t pay in three days.
Apple did not immediately respond to a request for comment.
“We are doing this because we can and mainly to spread awareness for Karim Baratov and Kerem Albayrak, which both are being detained for the Yahoo hack and one of them is most probably facing heavy sentencing in America,” a representative for the group said via email. “Kerem Albayrak on the other hand is being accused of listing the database for sale online.”
At this point we have to wait April 7, this is the date when the hackers plan to launch the mass attack on iCloud accounts and wipe their contents.
(Security Affairs – iCloud credentials, Turkish Crime Family)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.