A 22-year-old man who tried to blackmail Apple back in 2017 was sentenced in London to a two-year suspended jail term, 300 hours of unpaid work and a six-month electronic curfew.
The suspect and co-conspirators threatened to mass-hack iCloud accounts and factory reset 250 million iPhones and iPads.
According to the UK National Crime Agency (NCA), the suspect Kerem Albayrak acted as a public face for a hacker group known as the Turkish Crime Family.
It was him who contacted Apple and put forward threats and ransom demands and also contacted the reporters to promote the would-be hack.
The NCA stated that the first contact was made on March 12, 2017, when Albayrak emailed Apple’s security team to claim he had access to iCloud accounts that he planned to sell online. He demanded that Apple must pay $75,000 in crypto-currency, or a thousand $100 iTunes gift cards, in return for deleting the database.
A week later, he posted a YouTube video showing himself accessing random iCloud accounts.
Later on, 21st March, Albayrak changed the threats where he demanded Apple to pay $100,000 or he would access 250 million iCloud accounts, reset iCloud passwords, and factory reset users’ devices.
Apple had contacted the authorities from the beginning itself. Since the tech giant refused to fall for the extortion demand, the number of compromised accounts and also the hacker’s tendency to talk to reporters and hype up the threat also increased.
But Albayrak failed to secure his online presence. UK police arrested the hacker on March 28, 2017. However, the NCA did not find any evidence of him having access to Apple’s iCloud infrastructure.
During 2017, Apple said Albayrak only had access to iCloud accounts for which users reused passwords, and those passwords leaked online through breaches at other services.
This month Albayrak pleaded guilty and was sentenced. The arrests of other members of the Turkish Crime Family hacking group were not announced by the NCA.