Hacker Who Targeted 300 Million iPhones Admits to Blackmailing Apple

Karem Albayrak, a self-proclaimed hacker who somehow got access to 300 million iPhones, pleaded guilty to blackmailing Apple.


150 Iphone Accounts Deleted Per Minute

Back in March 2017, The Hacker News and many other news media published reports of a hacker threatening to remotely wipe 300 million iPhones, unless Apple pays the ransom. The hacker claimed that he had access to 200 million iCloud accounts in one email, but in others, he claimed to have access to 300 million Apple email accounts. The number even increased to 559 million in one case.

The hacker’s story was full of inconsistencies, but eventually, the authorities managed to track him down and identify him as Kerem Albayrak. Now, Albayrak admitted to his crimes and has pleaded guilty to the charges of blackmailing Apple.

Recent reports claim that he admitted to being a part of a hacking group known as Turkish Crime Family, and that he threatened to wipe out accounts of millions of Apple users.

After his hearing at London’s Southwark Crown Court, Albayrak received a suspended jail term of two years. In addition, he got 300 hours of community service, as well as an electronic curfew which is supposed to last for six months.

As mentioned, Albayrak threatened to reset 300 million users, and demanded to be paid $75,000 in cryptocurrency. As an alternative, he demanded $100,000 worth of iTunes gift cards. However, Apple was quick to contact the US law enforcement agencies, as well as the NCA (National Crime Agency).

The investigators quickly concluded that the hacker was located in the UK, and soon enough, he was apprehended by the authorities. Prior to his arrest he had claimed that his hacking group could delete as many as 150 iPhones every minute.

Ransomware attacks often targeting hospitals and healthcare

Ransomware attacks have been reported plenty of times in large-scale incidents during the last several years. One of the latest examples took place quite recently in New Jersey when cyber-criminals targeted the government’s critical infrastructures, including medical facilities and hospitals. The attacks’ severity became well-known during incidents of this type, particularly when New Jersey-based Hackensack Meridian Health was struck down.

The details of the attack only became known one week after the attack took place, but the Hackensack Meridian Health — New Jersey’s largest hospital system — decided to pay the ransom.

Hospitals are often quick to pay the ransom in order to regain control over their systems. Not doing so would put the lives of their customers at stake, which is not something that they are willing to risk. However, the usual advice that experts give is not to pay the hackers, and instead, contact the authorities. The reason for this is simple — sometimes, hackers do not provide a decryption key even if the victim pays. Not to mention that paying ransom only encourages hackers to continue conducting similar attacks.

Have you ever had to deal with a ransomware attack? Let us know in the comments below.


Image via Shutterstock

Exit mobile version