A 22-year-old man admitted to trying to blackmail Apple by claiming he had compromised millions of iCloud accounts.
The culprit, Kerem Albayrak from North London threatened to delete 319 million accounts unless he got iTunes gift cards worth $100,000.
However, investigations show that Albayrak had not compromised Apple’s systems.
He was given a two year suspended jail sentence in addition to 300 hours of unpaid work.
Albayrak sent emails to Apple’s security team in March 2017, claiming to have compromised millions of iCloud accounts.
He also posted a video on YouTube showing that he actually broke into two accounts. Then he threatened to sell the account information, dump his database online and reset the accounts unless Apple heeded to his iTunes card demands.
Albayrak also said he would accept $75,000 worth of cryptocurrency, increasing this later to $100,000.
How To Create A Stronger Password And Secure Your Accounts
Whatsapp To Launch Auto-Destruct Feature For Group Chats
Top 10 Tech Expectations For The Year 2020
The authorities arrested him at his home in north London for about two weeks after making the threat.
Kerem Albayrak used credential stuffing
Apple had investigated his claims but could not find evidence that its systems had been compromised. The UK’s National Crime Agency says that Albayrak got the email addresses and passwords from other services.
He then tried his luck, seeing if anybody had used the same username and password for their iCloud account. This type of attack is known as credential stuffing and it can be automated to speed up the process.
Albayrak said to investigators:
“When you have power on the internet it’s like fame and everyone respects you.”
In addition to the 300 hours of unpaid work, he has been given a six-month electronic curfew.
“Albayrak wrongly believed he could escape justice after hacking into two accounts and attempting to blackmail a large multi-national corporation,” said Anna Smith, a senior investigative officer for the NCA.
Make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can email us at firstname.lastname@example.org. Also, don’t forget to subscribe to our YouTube channel HERE.