It looks like the CIA isn’t the only organization capable of taking over your phone.
Hackers claiming to have compromised at least 300 million Apple account ID’s and passwords say they will initiate a complete wipe of iPhones and iClouds if the Cupertino, California based technology company doesn’t pay them a ransom.
The group, which goes by the name Turkish Crime Family, says Apple has until April 7th to come up with either $75,000 in BitCoin or $100,000 in iTunes gift cards.
According to Motherboard, the group posted a Youtube video proving they have compromised the credentials of millions of iCloud accounts, which could then be used to wipe an iPhone remotely and potentially locked users out of critical phone features.
The hacker appears to access an elderly woman’s iCloud account, which includes backed-up photos, and the ability to remotely wipe the device.
“We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law,” a message allegedly from a member of Apple’s security team reads. (Motherboard only saw a screenshot of this message, and not the original).
According to one of the emails in the accessed account, the hackers claim to have access to over 300 million Apple email accounts, including those use @icloud and @me domains. However, the hackers appear to be inconsistent in their story; one of the hackers then claimed they had 559 million accounts in all. The hackers did not provide Motherboard with any of the supposedly stolen iCloud accounts to verify this claim, except those shown in the video.
As of this writing it appears that Apple is refusing to pay any ransom.
But the hacking team says refusal to do so will lead to serious consequences for tens of millions of iPhone users and the date is rapidly approaching.
Posting directly to their Twitter page, the Turkish Crime Family warns April 7th will be Apple’s digital doomsday:
200 Million iCloud accounts will be factory reset on April 7 2017
— Turkish Crime Family (@turkcrimefamily) March 21, 2017
Hackread.com notes that the hackers’ story is inconsistent and it’s possible that this is nothing more than a baseless shakedown:
However, some loopholes can be seen in their story. According to reports, one of the group’s members mentioned that the number of iCloud accounts in their control are 300 million, but another representative of the group claimed the total number of compromised accounts are 559 million. Moreover, according to their tweet, the number of iCloud accounts is 200 million, clearly showing something is fishy or miscommunication within the group.
Apple has not yet confirmed the hack and his remained quiet about its potential implications.
But as tech site BGR notes, there is an easy solution iPhone and iCloud users can implement right now to stop any potential attacks on their devices dead in its tracks:
On the off-chance that the hackers are indeed holding access to millions of iCloud accounts, you might consider changing your password to protect your Apple ID
Better safe than sorry. If you utilize Apple devices change your password immediately, just in case.