It’s no secret that Apple products, from the first line of Mac computers to our iPhones and iPads, are widely applauded for performance stability and increased security – which is only one of the reasons they are considered by many superior to Microsoft and Google’s Android products. In fact, Apple fans routinely stress the point that we feel our data is much safer on our beloved Apple devices than on their Android counterparts, especially in light of the countless cyber-attacks on Android products that have been reported in the news over the years.
Hacker Group “Turkish Crime Family” Alleges Unauthorised Access To Apple Accounts
Yet it seems that Apple might have gotten a rare taste of a blackmail hacking attack just a couple of months ago – or did they? The story first broke on Motherboard, which reported on March 21 that a group of hackers calling themselves the “Turkish Crime Family” was trying to extort money from Apple. They claimed that they had gained access to a large cache of iCloud and other Apple email accounts and threatened to wipe them out remotely unless paid the sum of $75,000 in Bitcoin or Ethereum (both cryptocurrencies, a medium which is preferred by cyber-criminals due to the increased potential of remaining undetected), or $100,000 in iTunes gift cards.
The hackers provided alleged proof of their claims, including screenshots of what they claimed to be emails between them and Apple’s security team, as well as a YouTube video which seemed to show them logging into some of the allegedly affected accounts. According to the same source, the cyber-criminal group insisted that they had access to more than 300 million Apple e-mail accounts – but it also seemed that the story of what exactly had transpired varied between different group members, as another claimed they were able to access approximately 559 million accounts.
If what the hackers alleged was true, this was a case of what is widely known as ransomware: a type of malware attack in which the attacker accesses and encrypts the victim’s data and then demands a payment (ransom) to allow them to use it again (in this case, the hackers threatened to delete the data). In this type of attack, cyber-criminals take advantage of human, system, network, and software vulnerabilities to gain access to the victim’s device and may use techniques such as phishing (an e-mail link that, once clicked, redirects the user to a malicious web page) or distribution through social media (where the victim is enticed to click a malicious link on Facebook, Twitter, social media posts, instant messenger chats, etc.).
Apple Shuts Down Claims Over Security Breach
In Apple’s case, however, the hackers were mostly unable to explain in a consistent manner how they gained access to the data, and Apple’s own quick evaluation of their claims led the company to unequivocally deny any security breach. In fact, in an official statement just a couple of days after the initial reports, Apple maintained that iCloud and Apple ID systems are secure and that the list of email addresses and passwords that the hackers tried to use as proof of their claims was most probably “obtained from previously compromised third-party services”.
It seems that the hackers had limited access to much less data than they claimed – which matched information previously leaked in third-party security breaches – and exaggerated in order to put pressure on Apple to pay them ransom. This easily explains why they actively pursued and craved all this media attention.