When bad bugs bite: Apple iCloud accounts ‘held hostage’

For those of you with Apple devices, you may want to read this. Recently, a group of attackers identifying themselves as the ‘Turkish Crime Family’ have reportedly come into possession of a large amount of compromised iPhone and iCloud accounts.

Through these accounts, anyone with the credentials can locate the devices you may carry, access the stored pictures in iCloud, and also remotely wipe the device.

The group claims that it has access to approximately 200-250 million credentials, maybe more, which it says it will reset unless Apple pays the ransom it is demanding (the amount reported by the media varies – between $75,000 in cryptocurrency and $1 million in iTunes vouchers).

Currently, Apple does have a bug bounty program. However, they are not of the ethos to pay attackers holding data hostage.

A screen capture provided to a news outlet from the so-called Turkish Crime Family’ shows a message from Apple’s security team stating that they do not reward cybercriminals for breaking the law.

Other videos and screen captures have shown the attackers validating the logins by logging into an account that is part of the compromised cache of data.

In subsequent screen capture from Apple’s security team, Apple has stated that archived transcripts of the conversations will be provided to the appropriate authorities.

So far, a date of April 7th has been given for the attackers to receive the funds before the resets commence.

The group has also been approaching various media groups in an attempt to draw attention to the issue, forcing Apple to pay the ransom that is being demanded.

It is unknown truly if the rumors of mass compromise of are true, however, this is just another indication to play it safe in cyberspace and make smart decisions when it comes to securing your devices.

Author , ESET

Follow us

Copyright © 2018 ESET, All Rights Reserved.