Hackers try to extort Apple by threatening to wipe iPhones

Someone claiming to be a group of hackers called themselves the “Turkish Crime Family” has apparently been trying to extort money from Apple. As Motherboard reported a few days ago, the group claims to have login details for hundreds of millions of Apple accounts and is threatening to remotely wipe devices via iCloud unless it’s paid $ 75,000 in Bitcoin or $ 100,000 in iTunes gift cards. Today, ZDNet says that it was able to verify 54 accounts revealed by the hackers, although it’s still unclear how many other accounts they have or how they came by them.

In a statement, Apple said its systems have not been breached, and the alleged list appears to have been obtained from other sources. It also says it’s “actively monitoring” to prevent unauthorized access and is working with law enforcement.

Apple:

There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

We’re actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.

Because of shared passwords, hackers frequently use details obtained in other breaches to try and access more valuable accounts, which may be happening here. Previously, we’ve seen hackers try to extort users directly this way, using Find My iPhone to remotely lock devices until they’re paid. We’ve contacted Apple and will update this post if there are any other details.

Now that at least some of the information has been verified, it seems like a good time for anyone who has (or used to have) an Apple or iCloud account to update and lock down their security settings. Even if these hackers (or someone else) has obtained a password for your account, using two-factor authentication should keep them from being able to access details or remotely wipe devices.

Instructions on setting up two-factor authentication for your Apple ID can be found here. Additionally, if you haven’t changed your password in a while, or have ever shared it with an account anywhere else, it’s a good idea to change it to something strong and unique. Visit Apple’s password reset page at https://iforgot.apple.com/ (check for the secure padlock and correct URL in your address bar) to do that now.

Source: ZDNet

Engadget RSS Feed

Hacker’s unofficial ‘Watch Dogs 2’ app is incredibly appropriate

After successfully linking GTA V to an iPhone, the same Hungarian hacker has now developed software that allows users to manipulate Watch Dogs 2 from their smartphone. Using the programming language, Python, YouTuber Planetleak DIY Projects has managed to recreate the game’s Dedsec app on his iPhone — and the irony of creating an iPhone hack for a game about hacking probably wasn’t lost on him.

Thanks to clever keypress emulation and screenshots mimicking the look of the game’s smartphone, the custom app instantly navigates a convincing replica of Watch Dogs 2’s in-game menu via the iPhone’s touchscreen.

It’s certainly a step-up from the hacker’s GTA V app. While his 2015 effort required an Arduino in order to recreate GTA‘s button presses, he claims this new software-only solution has resulted in a far smoother and less laggy experience. When the YouTuber contacted Ubisoft, the company expressed interest in the project, giving him permission to share the app’s source files. These means that anyone can modify the software (or simply use it as is) by downloading the source code for the Python server.

A couple of years ago, hackers didn’t need to bother creating these kind of solutions. After the Wii U launched, many publishers initially responded by releasing companion apps for Xbox 360 and PS3 games, offering non-Nintendo gamers a second screen experience of their own. While these apps were pretty useful, they were largely seen as a gimmick and after declining public interest, publishers quickly stopped developing them.

With this console generation seeing fewer and fewer games launching with companion apps, gamers who liked a degree of smartphone integration will have to rely on the work of hackers like this one.

Source: Planetleak DIY Projects

Engadget RSS Feed