Possible iCloud security exploit April 7?
What do you need to do now, before April 7, for your Apple iCloud security? Just in case…
Backing up your data and using two-factor authentication or Apple’s trusted device system is the ultimate security for the protection of your iCloud music, pictures, documents, and projects.
300 million iCloud accounts in danger
The UK’s National Crime Agency (NCA) arrested a 20-year-old male on Tuesday on suspicion of “Computer Misuse Act and extortion offences” and searched an address in London for any router used by the suspect, as well as computer hardware, mobile phones, and digital storage devices. The arrested individual is suspected of having committed blackmail, under Section 21 of the Theft Act 1968, and unauthorized access with intent to commit or facilitate commission of further offences, under Section 2 of the Computer Misuse Act 1990, according to the warrant.
A person who provided a copy of the warrant to Motherboard said that it might be connected to the ongoing attempted extortion of Apple by the Turkish Crime Family. The unknown hacker’s gang claimed to have access to over 300 million iCloud accounts and threatened to remotely wipe data from those millions of Apple devices unless Apple pays the ransom in Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards.
The cyber criminal group calling itself the ‘Turkish Crime Family’ threatened Apple last week, saying it would remotely wipe data from millions of iOS devices by April 7 unless Apple pays a ransom of $75,000. Turkish Crime Family handed over sample data to ZDNet, which spoke to 10 people who verified their data as actual login information. Apple, however, said the data came from “previously compromised third-party services,” and released a statement denying that its servers had been hacked.
Attracting Press Attention
Recently, another hacking group called The Dark Overlord breached a slew of companies, stole their data, and then took the data to journalists in order to pressure victims into paying ransoms. “The Dark Overlord” is taking full advantage of a weapon that many other cybercriminals overlook; one that he hopes will make him more threatening, and ultimately help in getting targets to cough up ransom demands: the media. By courting press attention, he puts pressure on organizations to pay up. Another hacker tried to sell the account information, including emails and passwords, of 117 million LinkedIn users. People re-use passwords over and over, so if one of their accounts is compromised, all their other accounts become vulnerable too.
Other hacking and surveillance tools, exposed by the Dark Matter documents, target Apple’s computers and phones, but they do not function on the current generation of Mac computers and iPhones.
From all accounts, the Turkish Crime Family is following a similar strategy: after Motherboard first reported the news of the extortion attempt, someone from the group sent a copy of the article to Apple, along with the message, “They’re gonna keep coming.”
“I just want my money, and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers told Motherboard.
The hackers provided screenshots of alleged emails between the group and members of Apple’s security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple. The hackers also uploaded a YouTube video of them allegedly logging into some of the stolen accounts. The hacker appears to access an elderly woman’s iCloud account, which includes backed-up photos, and the ability to remotely wipe the device.
Apple’s reply to hackers:
“We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law,” a message allegedly from a member of Apple’s security team reads. (Motherboard only saw a screenshot of this message, and not the original). The alleged Apple team member then says archived communications with the hacker will be sent to the authorities.
After the publication of this article, an Apple spokesperson told Motherboard in an email, “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services. We’re actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these types of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”
Using two-factor authentication or Apple’s trusted device system, and backing up vulnerable data, is the ultimate protection for your iCloud music, pictures, documents, and projects.
Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that’s considered a single-factor authentication. 2FA requires the user to have two out of three types of credentials before being able to access an account. The three types are:
Something you know, such as a personal identification number (PIN), password or a pattern
Something you have, such as an ATM card, phone, or fob
Something you are, such as a biometric like a fingerprint or voice print
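An added example (not part of the original article, and not Apple's code): a defender-side audit that applies the two-of-three rule above together with Apple's point about reused passwords. It checks (email, password) pairs from a hypothetical third-party leak against locally stored salted hashes; every account, password and function name here is constructed for illustration.

```python
import hashlib
import hmac
import os

KNOW, HAVE, ARE = "know", "have", "are"  # the three credential types listed above
SEVERITY = {"not_reused": 0, "reused_but_2fa": 1, "exposed": 2}

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)  # low count: demo only

def make_account(email, password, factors):
    salt = os.urandom(16)
    return {"email": email, "salt": salt, "factors": factors,
            "pw_hash": hash_password(password, salt)}

def has_two_factor(account):
    return len(set(account["factors"])) >= 2  # password + PIN is still one category

def audit(accounts, leaked_pairs):
    """Rate each account against (email, password) pairs leaked elsewhere."""
    by_email = {a["email"]: a for a in accounts}
    report = {}
    for email, leaked_pw in leaked_pairs:
        account = by_email.get(email.lower())
        if account is None:
            continue  # leaked address is not one of our users
        candidate = hash_password(leaked_pw, account["salt"])
        if not hmac.compare_digest(candidate, account["pw_hash"]):
            status = "not_reused"
        elif has_two_factor(account):
            status = "reused_but_2fa"  # second factor blocks login; still reset
        else:
            status = "exposed"  # the leaked password alone opens the account
        key = account["email"]  # keep the worst result seen for this account
        report[key] = max(status, report.get(key, "not_reused"), key=SEVERITY.get)
    return report

# Constructed sample data: four local accounts and a made-up third-party leak.
ACCOUNTS = [
    make_account("alice@example.com", "Summer2016!", [KNOW]),
    make_account("bob@example.com", "Summer2016!", [KNOW, KNOW]),  # password + PIN
    make_account("carol@example.com", "hunter2", [KNOW, HAVE]),    # password + phone
    make_account("dave@example.com", "long unique passphrase", [KNOW]),
]
LEAKED = [("alice@example.com", "Summer2016!"), ("Bob@example.com", "Summer2016!"),
          ("carol@example.com", "hunter2"), ("carol@example.com", "wrong-guess"),
          ("dave@example.com", "old-password"), ("erin@example.com", "x")]

if __name__ == "__main__":
    print(audit(ACCOUNTS, LEAKED))
```

Accounts rated "exposed" need a password reset and a second factor from a different category; "reused_but_2fa" accounts still need the reset, since the password itself is known to others.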
Learn how to back up your data. For your iCloud iPhone, iPad, or iPod touch, the easiest way to do this is to back up your device’s files to your Mac or PC with an iTunes backup.