Apple Says iPhone & iCloud Are Safe After Claimed Breach by 'Turkish Crime Family'
New statements from Apple make it clear that they do not believe a hacker, or group of hackers, breached any of their systems. This comes after a recent report from Motherboard that a hacker gang called the "Turkish Crime Family" is threatening to remotely wipe up to 559 million iPhones by April 7.
The hackers claim they hold an alleged cache of stolen accounts, and their goal is to shake down the big Apple for $75,000 in Bitcoin or Ethereum cryptocurrency. Alternatively, in lieu of those options, they will even accept $100,000 in iTunes gift cards (a potentially risky option for them).
Apple responded to the allegation that the hackers breached its systems, assuring their systems were not compromised, but did not confirm if the hackers do in fact hold an entire collection of Apple IDs and passwords. Whatever information they do have, probably came from previously comprised third-parties.
"If the list is legitimate, it was not obtained through any hack of Apple," an Apple spokesperson told Fortune in an email. "There have not been any breaches in any of Apple's systems including iCloud and Apple ID."
Even if the data didn't come from an Apple breach, it could still mean your iCloud login details are out there. Fortune suggested that the logins could be from the LinkedIn hack, in which login info from 117 million accounts was sold on the black market site "The Real Deal." Though, if the Turkish Crime Family really has 559 million accounts, well, a mere fraction of the 117 million from LinkedIn doesn't really cut it.
The hackers have been sending login information to media companies in an effort to gather attention to their scam. For example, The Next Web received a small fraction of the alleged data from the hackers, and cross-referenced the info with the site Have I Been Pwned, which checks to see if your email or username has been compromised in a hack.
Most of the samples provided to TNW don't appear to have been involved in the LinkedIn hack or other hacks in the Pwned database, but TNW was able to access the accounts with the login information provided by the hackers, so the info looks legitimate. They can't test every login, so the small sample may not be indicative of the whole.
The Turkish Crime Family also noted to TNW that all conversations with Apple were actually kept private and never reported to Motherboard. Instead, the conversation between the Turkish Crime Family and Motherboard were led by a member that has now been removed for his "inaccuracy" and "lack of professionalism," an the group denies the authenticity of Motherboard's report. Overall, the hacking team seems to have a hard time sticking to one story.
Now, the hacker group is confirming Apple's statement that its systems have not been breached, and that the stolen data was obtained through previously compromised systems over the last five years. The Turkish Crime Family is, in fact, not contradicting Apple. They did not breach the company, nor did they ever state to Motherboard that they stole the info directly from Apple.
Rather, after Motherboard's breaking March 21 report, a breach was assumed by some news outlets such as BGR, though most media sites never directly stated that the hackers breached Apple. The Turkish Crime Family's initial response to Motherboard, and the group's only statement, was to extort Apple over an alleged cache of iCloud and other Apple email accounts. The group never stated where their cache of data came from until today when they contacted TNW in response to Apple.
Check out the group's response to Apple, which they wrote and shared with TNW on Pastebin, a site where users can store text online for a specific period of time. Pastebin gets an unjust bad rap thanks to its popularity among cyber thieves, and is now being linked to yesterday's London attack.
Yes, this could all be a game played by this hacking group to bring attention to their extortion efforts and gain publicity, but again, you never know.
Changing your iCloud passwords and all accounts associated with your Apple account password would be a good idea either way. Enabling two-step authentication is also a good safety step. To do this, go to Settings on your iPhone, select "iCloud," then tap your Apple ID and choose "Password & Security." Then, select "Turn on Two-Factor Authentication" and follow the prompts. This will ensure that no one can log into your iCloud account unless they have physical access to your device—even if they've hacked your password.
Also, if you're too lazy to update all your passwords, you should check to see if your accounts have been hacked on Have I Been Pwned and change any passwords that are the same as the leaked ones associated with your email info. Once all that's taken care of, scroll through the Turkish Crime Family's Twitter and laugh at their spooky claims.
In the same email to Fortune, an Apple spokesperson stated that the company is actively monitoring the situation and working with law enforcement to identify the criminals.