In case you find your iPhone or iPad wiped clean in a couple of weeks, you can thank a certain Turkish Crime Family for being responsible for it and Apple for not caving in to their demands. The Turkish Crime Family is a hacker group claiming to have over 600 million iCloud credentials from iCloud, Me and Mac.com domains. It’s reported that over 220 million of these accounts have been tested as active and that number is no laughing matter.
The Turkish Crime Family is threatening Apple that they will wipe the data from over 200 million Apple devices if they don’t pony up 150,000 dollars. Should Apple give in? Perhaps, or they could issue a change password request that could be ignored by over half of the 200 million potential targets. In case the TCF makes good on their threat, Apple could still have millions of users flooding their genius tables complaining of wiped devices and accounts.
Now the Turkish Crime Family isn’t exactly high profile, but they claim to have been stealing credentials from private entities for years, selling those credentials on the dark web. They have in their possession 519 million iCloud credentials but haven’t been able to sell them because of Apple’s tight security measures, and since money is hard to come by through Apple credentials, they might as well use them. Thanks to other hackers who forked over other credentials they stole, the TCF now has over 600 million credentials they can blackmail Apple with.
Again, over 220 million of those credentials are fully functional. Apple can send out an alert to all their users, but a big percentage of those users will largely ignore it until it’s too late. If something does happen in a couple of weeks resulting in wiped data, Apple can blame their customers all they want but will still have to serve around 100 million angry customers. Because, you know, customers.
One problem here is how Tim Cook will handle this. Should they cough up 0.0000000n% of the cash they’re sitting on, or act all badass and say ‘We don’t negotiate with terrorists’? They can probably cough it up, as the amount is just one day of an Apple Store, then lock down their servers to prevent hackers from stealing credentials directly from them again. The problem with giving money is that it sets a precedent for more. Can they say no to Oliver in time?
Or they can go badass, find some way to back up their customers’ data, let the TCF do their thing, tell the customers off, brace for the fallout, then go gangsta on the TCF with the help of the feds whom they refused to assist before. Either way, Cook is cooked unless Apple can find a way to quickly secure their systems right down to their users in the coming weeks. The TCF and other hackers can always steal those credentials again from unsuspecting Apple users through malware bots, rogue apps, keyloggers and phishing schemes. They could have accumulated all that from the users in the first place.
Another question is: can the TCF really pull it off? Not being a fatalist here, but they probably could through some automated means. A substantial chunk of that 600 million probably don’t use two-factor authentication or even Touch ID. Touch ID is simple and convenient, but two-factor authentication really puts a damper on the convenience department, as some users don’t like waiting for a text message before they can gain access to their accounts even after putting in their passwords. Passwords are already cumbersome as it is to some people.
The best way to handle blackmail is to not give in, because there’s a good chance of a repeat. Apple will have to let its users know, nag them like Microsoft does if they have to, and have them change their PINs and passwords as soon as possible. Nothing beats personal vigilance and security for end users, as they’ll bear the brunt of the problem anyway and not Apple. TCF can either cash in or wreak mayhem, and Apple will have plausible deniability on their side.