Tag Archives: iCloud

Panda Security

Millions of iCloud Accounts Could Be Wiped if Apple Refuses Ransom

No less than $75,000 in cryptocurrency (Bitcoin or Ether), or $100,000 in iTunes gift cards — this is the exorbitant ransom that cybercriminals have demanded from Apple. The group, calling themselves the Turkish Crime Family, claims to have stolen access to 300 million iCloud accounts, and have threatened to wipe them on April 7 (tomorrow) if the corporation doesn’t pay up.

The cybercriminals sent a series of screen shots to Motherboard that apparently show the exchange of emails between the hacker group and Apple’s security team. They also provided access to one of the email accounts that they allegedly used to communicate with the company and lay down their conditions for the deal.

According to the messages on the account, the cybercriminals uploaded videos to YouTube to show how they were able to log in to several stolen iCloud accounts and even showed how they were able to access an elderly woman’s photos and remotely delete them.

Apple Won’t Be Had So Easily

Allegedly, an Apple employee had asked the criminals to take down the video that they’d uploaded to YouTube. The company also declared, “We do not reward cyber criminals for breaking the law”.

There are a few holes in the attackers’ story. In the initial correspondence, they claimed to have accessed 300 million accounts on Apple’s iCloud, but on the Turkish Crime Family twitter account the claim was a more modest 200 million. In a later correspondence, the number jumped up to 559 million.

I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers told Motherboard. It seems clear that one of the strategies of this group is to blackmail Apple by making their actions public, alarming as many Apple clients as possible.

However, a spokesperson for Apple has stated that “there have not been any breaches in any of Apple’s systems including iCloud and Apple ID.” The supposed list of email addresses and passwords may therefore have been obtained through a third-party service that had been previously compromised.

The spokesperson also stated that they are “actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved.” We’ll have to wait until tomorrow to see if there is a real threat, or if the hackers are simply bluffing.

In any event, the company has taken the opportunity to remind users to use robust passwords, that they don’t use the same credentials over various websites, and that they activate two-step authentication to add an extra layer of security.

The post Millions of iCloud Accounts Could Be Wiped if Apple Refuses Ransom appeared first on Panda Security Mediacenter.

Hackers News

How A Bug Hunter Forced Apple to Completely Remove A Newly Launched Feature

Recently Apple released a new Feature for iPhone and iPad users, but it was so buggy that the company had no option other than rolling back the feature completely.

In November, Apple introduced a new App Store feature, dubbed “Notify” button — a bright orange button that users can click if they want to be alerted via iCloud Mail when any game or app becomes available on the App Store.

Avast

Weekend wrap-up: Cyber security news from Avast

Here’s your wrap up of security and privacy related news from the June 17 – 27 posts on the Avast blog:

 

cruise shipIt’s summertime in the Northern Hemisphere and many people are going on or planning their vacation. Beware of fake vacation packages and beautiful rental properties that are not as they seem. These Vacation scams can ruin your holiday, so read up before you become a victim.

samsung_swiftkeyMore than 600 million Samsung phones were reported to be at risk because of a vulnerability found in the keyboard app SwiftKey. The best way to protect yourself is to use a virtual private network (VPN) when using an unsecured Wi-Fi hotspot. If you have a Samsung S6, S5, or S4, you need to read Samsung phones vulnerable to hacker attack via keyboard update.

Hola logoAs we learned from the Hola VPN service revelations, any old VPN service will not do. Hola was selling their users’ bandwidth and installing and running code on their devices without their knowledge or permission. Find out the details in Hola, Hola VPN users, you may have been part of a botnet!, and please share with an Hola user.

1Mobile developer Martin Banas, attended Apple’s Worldwide Developers Conference in San Francisco. Besides spending lots of time standing in lines, he enjoyed meeting other developers and hearing the latest news about OS X El Capitan and Apple Pay. Weren’t able to attend, bit wish you could have? Martin’s conference report, Looking back at WWDC 2015, describes the event.

Jennifer Lawrence was victim of iCloud hack

Remember the iCloud celebrity photo hack? There have been many theories bandied about since nude photos of female celebrities were posted on the web. We add our own two cents into the conversation. Avast security researcher Philip Chytry explains what he thinks the origin and motivation behind the hack was in iCloud celebrity photo hack: What’s happening?!

Major cybercrooks get arrested

Major cybercrooks taken down

While the cybercrooks behind the iCloud hack have not been discovered, authorities had big wins this past week in other areas. The author and distributor of Blackshades malware was sentenced to nearly five years in a New York prison. A major cybercriminal organization responsible for banking Trojans Zeus and SpyEye was taken down. Read Businessman hackers brought down in USA and Europe.

Avast CEO Vince StecklerMore from the Edward Snowden files. It was revealed this week that U.S. and U.K. spy agencies were attempting to reverse engineer major antivirus companies software, including Avast’s.  CEO Vince Steckler spoke to RT News about government spying in the computer age. You can read the article, Avast CEO speaks out about U.S. and U.K. spy agencies, and watch the interview here.

Mr Robot TV shows about hackersAnd if the real world of cybercrime is not enough, our favorite new show of the summer Mr. Robot debuted on the USA Network this past week. We excitedly watched the first episode then talked to Avast security expert, Pedram Amini,  to find out Are the hacks on Mr. Robot real? or just Hollywood magic.

Follow Avast on FacebookTwitter and Google+ where we will keep you updated on cybersecurity news every day.

Avast

iCloud celebrity photo hack: What’s fappening?!

Via: Huffington Post

Just about a year after a plethora of celebrities’ nude photos were leaked online, two homes in south Chicago have been raided and investigators have named one of the suspected hackers. As this controversial story and investigation continues to unfold, Avast researchers have come up with a few speculations regarding the origin and motivation behind the initial hack. We’ve discussed the case with one of Avast’s security researchers, Filip Chytry, who has put in his two cents about the situation:

GR: Why might have Apple not flagged or investigated an IP address’ 572 iCloud logins and attempted password resets?

FC: “Putting it simply, Apple just doesn’t have security implemented on this level. Even though they might sound large to us, attempting to track this number of logins and attempts to reset passwords is similar to discovering a needle in a haystack when it comes to Apple’s ecosystem. To give you a better idea of what I mean, a group of users who are connecting via a VPN and using the same server will appear under a single IP address. On the other hand, it’s quite common these days for companies to implement an automatic system which is capable of detecting any source(s) of traffic. It could be an automatic system which is able to learn from daily traffic and, using gathered data, detect if there is an anomaly present (such as the one in this case). Another key factor relevant in this attack is the timeframe over which it took place. If the hackers had accessed the various accounts over a much shorter period of time, such as a few hours, it would have undoubtedly been a huge red flag for Apple.”

GR: Couldn’t it be that a neighbor or another person in a remote location could have used the two PCs as a bot to execute the hack, similar to what’s discussed in the Tweets published within this Fusion article? Could it be that someone took control of the two PCs or the routers they’re connected to and used them to perform the hack?

FC: “Although DNS hijacking could very well be the culprit here, the extended period of time over which the hacks occurred makes this possibility less likely. It’s my theory that the suspected hacker(s) could have accessed the login details of a certain database that was uploaded by other users on a warez forum. They could have then used these login details to execute the iCloud logins using a script.”

There are a handful of coincidental components present in this investigation, leaving many questions unanswered in terms of finding the true path that led to the celebrities’ photos getting leaked. To many of us, the main thing that seems fishy about the malicious attack is the fact that the potential hackers didn’t make use of an IP-masking or anonymizing tool, making them come across as rookies within the hacker world. Since the cybercriminals behind this case didn’t appear to be clever enough to anonymize themselves, it’s even possible that they had ulterior motive for performing the hack in the first place – perhaps to be noticed and/or admired by other individuals or businesses. Based off of the current facts, we’re highly interested in seeing which direction this malicious attack’s investigation will take next.