Today is the day the Turkish Crime Family says they will be wiping millions of Apple accounts. The hacking group raised some alarms over the past few weeks when they sent out an email to media claiming to have 800 million Apple account details. The group was asking Apple for a ransom demand for the information it claims it has but Apple has since denied they have anything of consequence. The hacking group has been drumming up media coverage and providing samples of the data which have been analyzed and determined to have come from earlier breaches. The group posted their target time for wiping all of the Apple accounts on Twitter last night.
7 April 2017 7:30 PM GMT
— Turkish Crime Family (@turkcrimefamily) April 6, 2017
UPDATED (04/0/2017 05:42p ET): Turkish Crime Family has posted to Twitter claiming Apple has paid the ransom they were seeking. They provided the bitcoin transaction as proof but some Twitter users are claiming the transaction is fake. We have reached out to Apple for comment.
Hello everybody, look what we have here https://t.co/I3B0wh1Udv
— Turkish Crime Family (@turkcrimefamily) April 7, 2017
Now more doubts are being raised as to the group’s actual ability to wipe said Apple accounts and even if the accounts they have are even still in use.
Analysis of a sample set of purloined account data performed by Troy Hunt, who runs the Have I Been Pwned data breach reporting website, shows that the information correlates to data leaked in earlier breaches, not new credentials. Hunt crunched the numbers on account data provided to ZDNet which was said to represent a portion of the hundreds of millions of Apple credentials that the “Turkish Crime Family” hackers possess. He found that the vast majority – 98 percent – matched accounts already listed as compromised in the Have I Been Pwned collection of data breaches. Hunt believes the hackers have simply cobbled together a list of email addresses using Apple domains like .me, .me.com.au, .icloud.com and similar from existing data breaches.
In the end, Hunt believes the Turkish Crime Family may have around 53,000 actual accounts that weren’t in previous data dumps. Hunt adds that most people are probably safe as most of these accounts likely have changed passwords or they may be invalid accounts.
“The chances of anything of significance happening to Apple accounts today is near zero,” Hunt said.
That’s not to say some people will not be affected. Hunt adds that some may be impacted and it’s those users who have easily cracked passwords and no two-factor authentication who may actually see their accounts wiped. The Turkish Crime Family has said the attack will take place today 7:30 PM GMT. Even if you don’t think you’re at risk, it’s never a bad idea to update and change your password as well as enable two-factor.Source: IT News