Hackers who claim to have gained access to over 300 million iCloud and Apple email accounts are threatening to wipe user data unless Apple pays a ransom. The self-styled "Turkish Crime Family" are threatening to remotely wipe millions of iThings unless Apple pays it $75,000 in crypto-currency or $100,000 in iTunes gift cards …
Wednesday 22nd March 2017 15:48 GMT Gordon Pryra
They seem to be offering the same levels of support that the "Geniuses" in the Apple Shops do
ie, Wipe it and reinstall
Maybe Apple are playing with the idea that they can sack all their support staff and let the kiddies at "Turkish Crime Family" provide free support to their customers
Wednesday 22nd March 2017 15:58 GMT gnasher729
Re: Quite ironic
You certainly don't go to the same store that I use. I twice had problems with a device that I wasn't willing to solve myself, and in both cases the "Genius" solved it for me, with no problems.
That said, obviously you should have your phone backed up, so "wipe it and reinstall" is indeed a painless way to solve some problems without any loss of data.
Wednesday 22nd March 2017 16:53 GMT swschrad
Wednesday 22nd March 2017 20:02 GMT Anonymous Coward
Re: back the phone up early and often
Although I back up religiously (you know, with candles and incense burners) as well as normally, I have as yet not had that happen to me. I may just have been lucky, but I've been on beta releases since the last iOS v9.
I reckon it's going to happen when I forget to make a backup. That's how these things work :).
Thursday 23rd March 2017 08:33 GMT Anonymous Coward
Re: Quite ironic
Ex genius here....
You'd be amazed at just how many problems ARE solved with a DFU restore...
But, as others have mentioned, Apple has made it so damned easy to restore your data, I'm not entirely sure what's to be gained here....
Oh, that's right, the belief that people are careful with their data.... When was the last time you checked your backups?
Thursday 23rd March 2017 08:53 GMT Gordon Pryra
Re: Quite ironic
It was just a joke, and I have provided support to the public in my early days so I know support staff don't deserve any bad press. No offense was intended to anyone who works in those shops.
Then again, this is a kind of joke story with the international criminals having grabbed the passwords for millions of devices asking for .......£75k
They could have sold those for a few hundred k in minutes if they were actually any form of real bad a334 HaXZ0rs
Wednesday 22nd March 2017 16:25 GMT DougS
The Dr. Evil picture is appropriate
$100,000 is ridiculously cheap if they actually had a half billion accounts they could wipe! If they really had that many, asking for a mere penny each would net $5 million! Of course even if they had that many they could never hope to trigger a remote wipe on more than a tiny fraction before Apple noticed and shut it down!
In fact, if Apple has been smart, they already have something automated that notices a jump in the number of remote wipes being triggered and calls a halt to any more happening until it can be investigated.
Wednesday 22nd March 2017 19:08 GMT P. Lee
Re: The Dr. Evil picture is appropriate
>$100,000 is ridiculously cheap if they actually had a half billion accounts they could wipe!
The trick to getting the cash is to make sure it's a no-brainer to pay, even if Apple think they probably don't need to.
But... I think they picked the wrong target. I don't think "paying other people" is Apple's style.
And even if you wiped the icloud data, wouldn't it sync back from the phone?
Wednesday 22nd March 2017 21:20 GMT DougS
Re: The Dr. Evil picture is appropriate
It sounds like they are threatening a remote wipe, where you can remotely wipe your phone (i.e. if it is stolen) if you had previously set up "Find my iPhone" on your phone. Or someone else could, if they have your Apple ID / password.
You could of course resync from iCloud or from an iTunes backup, but that would still be pretty inconvenient!
Remote wipe is probably something it would be good to use two factor authentication with, but since for most people the second factor will be their phone...
Thursday 23rd March 2017 00:29 GMT james 68
Wednesday 22nd March 2017 16:45 GMT gryff
Unless Apple don't have that many accounts
If the number of *active* Apple accounts < Turk family claim
...then Apple say "Fuq-U"
Let's assume anything older than 5 years is gone (upgrade, migrated away)
Rough production is 200 million iphones a year ==> 1 billion devices
Slice some off for the three year replacement cycle and add some on for ipads etc. but ignore desktops.
Probably no more than 800 million accounts, perhaps as few as 600 million.
Apple can now take a massive backup (thanks for the warning!) and rate limit any wipe requests to slow up a bulk delete in order to combat it.
Thank goodness I still use my filofax and a hardwired landline.
Wednesday 22nd March 2017 16:49 GMT JustsomeBlokeinAz
Am I the only one?
Who thinks that Apple should give them specially crafted Gift card codes that are A) Tracked and B) shut down any account they are used on until the law enforcement agency of choice gets an investigation completed of the account owner?
Maybe over simplified (mainly because they would probably sell the cards for pennies on the dollar), but really? That is like going to a department store, holding the store up and asking for the proceeds to be given on a company issued credit card.....
Mine's the one with the ice pack for my head.... might want to get that desk looked at too....
Wednesday 22nd March 2017 18:00 GMT jtaylor
Re: Am I the only one?
Gift codes are indeed easier to trace than cash / cryptocash. They are also easy to sell on to unsuspecting people before the codes are traced and cancelled.
Before I buy a gift card second-hand, I verify the balance, then spend it all immediately after I pay for it.
Thursday 23rd March 2017 10:17 GMT paulf
Re: Am I the only one?
I'm with @JustsomeBlokeinAz on this and it looks like Lee Munson also spotted its potential from his quote in the article "I cannot help but wonder if the option to pay $100,000 in iTunes gift cards, rather than $75,000 in untraceable crypto-currency, could have been explored in association with law enforcement".
Gift cards like those from Apple and Amazon that credit an online account from a claim code can be traced easily as SOP never mind if they're specially set up for a sting like here. If they are sold on then fool on the person buying the second hand gift card of completely unknown provenance. Let's face it, chances are it's more likely hookey than not especially if sold at a suspiciously deep discount which suggests it's at best stolen, if not fraudulently obtained. So they could have set up a nice trap to capture the hackers/fraudsters this way. Even if they sold on the cards there should be a paper trail to catch them unless they were bought off some bloke down the pub for cash. Flea-bay is enough of a bear pit but should have a reasonable paper trail back to sellers; anywhere else well you get what you deserve.
As an aside I'd ask how you check the balance without being given the code off the card? The seller isn't going to send the code or card before receiving cleared payment as once the seller has given you the claim code how are they going to make you pay for it?
Frankly they missed a chance to catch the buggers!
Wednesday 22nd March 2017 18:14 GMT Doctor_Wibble
Wednesday 22nd March 2017 18:28 GMT Steve Davies 3
Re: Offer Green Shield Stamps instead
Have an upvote for mentioning a piece of history.
All you young whippersnappers won't be old enough to remember the joys of licking the sheets of stamps and sticking them into the books.
The six day war (if my memory serves me right) effectively killed them off but it might have been a later conflict in that area.
Wednesday 22nd March 2017 18:45 GMT Ilsa Loving
Password reuse is overwhelmingly the most likely avenue. The average joe is notorious for not only using really lousy passwords, but using the same ones over and over again across different systems. To be fair, there are just *so many* different systems that there is simply no way to use a different password with each one.
The only option today is some kind of password manager that can store unique credentials for every site/service that you use. There's really nothing else that strikes a good balance between security and ease of use, and the way things have been going (and continue to go), the need only intensifies.
Off the top of my head, I can think of three:
- 1Password (which I use and have been happy with)
Lastpass is probably the most convenient and well known because it's a cloud service that you don't have to manage.
1Password stores passwords in a local encrypted database. You can sync between different devices via wifi, or by putting the data store on dropbox. It supports multiple 'vaults', and works on most major platforms.
Enpass is similar to 1Password, but doesn't (yet) support multiple vaults, and has better platform support including linux.
There are other ones out there, of course, but those are the three I know most about.
Wednesday 22nd March 2017 20:45 GMT Grunchy
Thursday 23rd March 2017 19:40 GMT Roland6
>If they're gonna wipe data by April 7, what if you backup before then?
Well that raises the obvious question, namely: to what extent do public cloud providers such as Apple iCloud, MS OneCloud etc. actually backup client data.
In the case of iCloud, assuming the typical account has the 5GB free storage allocation and is using 2GB of it, then 300M accounts represent circa 600M GB of data or 75 petabytes to be backed up, whilst the use of deltas might reduce the nightly load it is still a lot of backup media...
Thursday 23rd March 2017 00:14 GMT The Nazz
Missing a trick here?
TCF : Apple, it's $100k or we wipe.
Apple : We'll let you know before the 7th.
Crowdfunded anti fan-bois : here's $110k, just do it now.
TCF : Ha ha Apple, it's now $120k to wipe.
Crowdfunders etc : not so fast, here's $130k to wipe. Go on, do it.
and so on.
I will not make any facetious comment as to how often a Turk wipes.
Thursday 23rd March 2017 08:34 GMT Oh Matron!
Thursday 23rd March 2017 10:33 GMT paulf
I didn't as I thought it through and hit a snag:
If 2FA uses your iPhone to confirm logins what happens if you lose your iPhone? That's the one time you really need to login to iCloud very quickly from another device so you can do a remote wipe but it's also the one time you won't be able to complete the login because you've lost a main link in the 2FA chain! It's possible Apple have thought of this but I didn't find a way around it (happy to be corrected though).
Apple email me if I sign into iCloud from a new device. I appreciate that isn't fully secure but they'd have to hack my email to stop me seeing that and the email is completely separate to any service provided by Apple.
Thursday 23rd March 2017 09:20 GMT StuartCRyan
Some tips for friends and family in the mean time.
While time will tell the extent of this, I have been recommending the following to my friends (copied with minor edits to remove brand recommendation from https://www.facebook.com/stuart.c.ryan/posts/10154564151426973).
As a precaution, here are some prudent tips:
1. Log into your Apple Account at https://appleid.apple.com/ and enable two-factor authentication if you haven't already (see https://support.apple.com/en-au/HT204915) .
2. While you are there, if you have not changed your password in a while, consider doing that too (https://support.apple.com/en-au/HT201355).
3. As the threats include the threat of remotely wiping devices, you can disable this on each of your iCloud connected devices. See Macworld's good article on how to do this for each device type: http://www.macworld.co.uk/how-to/iphone/how-turn-off-find-my-iphone-remove-iphone-ipad-or-mac-from-find-my-iphone-3645302/ . Note that if you do this, you will also be unable to use the Find my iPhone/iPad/Mac feature. Until more details come out, personally I feel this is acceptable given the risk.
4. When you are logged in at https://appleid.apple.com/account/manage, check to ensure there are no devices you do not recognise under 'Devices'.
5. For the next few weeks, periodically do a local backup using iTunes of your iDevices. See https://support.apple.com/en-au/HT203977 and click on 'Use iTunes'. I recommend you also set a backup password, this encrypts the backup and stores additional information making a future restore easier.
6. As always, BACKUP BACKUP BACKUP. For your Mac, I would already hope you have backups in place. If not make sure you do!
Time will tell what will happen with these accounts, it never hurts to take a few prudent steps until the community at large knows more.