Are Turkish hackers planning to wipe your iPhone, iPad, or Mac on April 7th? Evidently they are. When news of the threat first came out, many didn't take it seriously. After further review, experts are growing more and more concerned. Here's what you need to know.
First, some history. The story was first published on March 21st 2017 by Motherboard. The post details an attempt by a group identifying itself as "Turkish Crime Family" to extort between $75,000 and $100,000 from Apple. The group claims to have the necessary iCloud logons for millions of Apple customers - credentials which can be used, among other things, to remotely wipe a device. This is precisely what the hackers are threatening to do.
Apple has purportedly taken a tough stance. The group posted alleged communications from Apple saying that they do not reward cyber criminals. If this is true, don't expect the ransom to be paid.
Fast forward to today. ZDNet's Zero Day blog reported that an analysis of a subset of stolen accounts showed that many of the credentials are indeed legitimate. The group claims to have 250 million accounts, and if even a small percentage of them are usable, a lot of people could be at risk.
How did hackers obtain the data in question? Experts believe that much of it comes from hacks of other websites rather than a breach of Apple itself. It works like this:
- A user sets up their new Apple device and creates an iCloud account, which includes a free email address.
- The individual later uses that same email address and password to create accounts on other websites.
- One or more of those other websites fall victim to a data breach.
- Hackers test the stolen credentials to see if they'll work elsewhere, including iCloud itself.
It seems pretty simple. Yes, everyone uses the same username and password everywhere. It's human nature, and it's a really terrible idea. We recently blogged about this very topic as it relates to a series of Yahoo data breaches.
So what can you do? Fortunately it's not very difficult. Change your Apple password and change it everywhere else you've ever used it. More importantly, it might be time to enable two-factor authentication. We recently blogged about this as well, and though people hate it, 2FA dramatically reduces the chances of falling victim to hacks like this. You can read about it here, and follow these steps to make the change to your iCloud account.
You can also find out if your credentials were ever breached by signing up for the free notification service at https://haveibeenpwned.com. This site scours the internet and lets you know if your information appears in hacked data.
Change your credentials today! While you're at it, start using unique passwords for each logon. Also, consider using two-factor authentication everywhere it's offered.
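To see how far the reuse chain described above reaches in your own accounts, you can audit a list of saved logins. The script below is an added example, not part of the original post: it assumes a password-manager export with `site`, `username` and `password` columns (the column names and the sample rows are constructed) and reports which other accounts a breach at one site would expose.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample of a password-manager export; sites and logins are made up.
# The column names are an assumption, adjust them to match your own export.
SAMPLE_EXPORT = """site,username,password
icloud.com,pat@icloud.com,Summer2017!
forum.example,Pat@iCloud.com,Summer2017!
shop.example,pat@icloud.com,Summer2017!
bank.example,pat@icloud.com,k9#Vt2!qLz8w
news.example,pat@example.org,Summer2017!
"""

def _key(username, password):
    # Hash the pair so plaintext passwords never leave this function.
    pair = username.strip().lower() + "\0" + password
    return hashlib.sha256(pair.encode("utf-8")).hexdigest()

def load(export_text):
    """Group sites by (username, password) pair, stored as a hash."""
    groups = defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        groups[_key(row["username"], row["password"])].add(row["site"].lower())
    return groups

def exposed_by_breach(export_text, breached_site):
    """Sites where the login leaked from breached_site would also work."""
    exposed = set()
    for sites in load(export_text).values():
        if breached_site.lower() in sites:
            exposed |= sites - {breached_site.lower()}
    return sorted(exposed)

def reused_logins(export_text):
    """Every group of two or more sites sharing one username and password."""
    return sorted(sorted(s) for s in load(export_text).values() if len(s) > 1)

if __name__ == "__main__":
    for site in ("forum.example", "bank.example"):
        hit = exposed_by_breach(SAMPLE_EXPORT, site)
        print(site, "breach exposes:", hit or "nothing else")
    print("change these first:", reused_logins(SAMPLE_EXPORT))
```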