“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” said a hacker to Vice’s Motherboard blog. According to Motherboard, a hacker or a group of hackers calling itself the ‘Turkish Crime Family‘ has threatened to ‘remotely wipe’ iPhones unless Apple agreed to pay them ransom. Apple has been given a ‘deadline’ of April 7, after which the hackers will wipe off ‘millions of iPhones.’
The hackers have made Apple an offer that they will delete the ‘cache of data,’ if Apple pays them $75,000 in Bitcoin or Ethereum or $100,000 worth of iTunes gift cards.
A day after the report was published, Apple has provided its statement to Fortune. In an email, an Apple spokesperson told Fortune that the list [of compromised accounts] was not obtained through an Apple hack.
The spokesperson also clarified that there has been no breach in any of Apple’s services including iCloud. “The alleged list of emails and passwords appears to have been obtained from previously compromised third-party services,” said the spokesperson.
There have not been any breaches in any of Apple’s systems including iCloud and Apple ID.
Fortune’s report also states that Apple is actively monitoring to prevent unauthorized access to user accounts. The tech giant is also working with law enforcement to identify the criminals involved.
“To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication,” said the Apple spokesperson to Fortune.
iCloud Hack: Legitimacy of the Threat
As per the initial Motherboard report, hackers appear inconsistent with their claim. Motherboard was provided access to an email account by hackers. According to one of the emails, the hackers claim to have access to over 300 million Apple accounts. This figure was later changed to 559 million, however. It looks like these hackers are sitting on so many accounts, they lost their count.
While the possibility of any online account being hacked can not be denied, this data is possibly obtained from previous major hacks. These hacking incidents could include Yahoo and LinkedIn. In such case, if a user uses the same login details on multiple accounts, it can be easy for anyone to get a hold of those accounts.
How to Stay Protected?
Whatever the case maybe, it is always advised that you use different passwords for different online accounts. To keep your login credentials safe and organized, you can use password managers like 1Password or KeePass.
In this case of a possible iCloud hack, users should change their iCloud passwords to avoid any such attempt.
iCloud provides a second layer of security with two-factor authentication. After enabling two-factor authentication, you will be able to access your Apple ID from trusted devices only. To access Apple ID from an untrusted device, the password and a verification code will be required.
It is recommended that you always use two-factor authentication everywhere it’s available.
What do you think about this possible iCloud hack? Do you believe this claim by hackers? Do you trust Apple with privacy and security? Do share your thoughts.