• March 26, 2017

Apple iCloud ransom demands: The facts you need to know. Welcome to the wonderful world of security nuance.

Hackers are demanding Apple pay a ransom in bitcoin or they’ll blow the lid off millions of iCloud account credentials.

Beyond the primary headline, however, there is a bevy of loose ends and nuances to ponder.

So far, we know that a London-based hacker group, calling itself the Turkish Crime Family, has claimed to have access to 250 million accounts (at the time of writing). The hackers are threatening to reset the passwords on those iCloud accounts and remotely wipe iPhones if Apple doesn’t pay a ransom by April 7. Those demands have since changed and increased. Motherboard, which first reported the story, noted that the media-hungry group has approached multiple outlets, possibly to help its extortion efforts.

For its part, Apple has said it hasn’t been hacked. In a brief statement to sister-site CNET, the company said the data came from “previously compromised third-party services,” and that it is “actively monitoring to prevent unauthorized access to user accounts.”

That seems to tie in with what the hackers said in an email to some members of the press late on Wednesday. The hackers denied any direct breach of Apple systems. What muddies the water is that the hackers also appear in some cases to have passwords that have only been used for iCloud. Welcome to the wonderful world of security nuance.

We have worked for the past few days to get to the bottom of this. Here’s what we’ve learned.

ZDNet obtained a set of 54 credentials from the hacker group for verification. All 54 accounts were valid, based on a check using the site’s password reset function. (You can learn more about how we verify data breaches here.)

Read the rest of the article by clicking the link: http://zd.net/2n7BTzH